SCHEDULE II

DATA SECURITY AND PRIVACY POLICY
This Data Security & Privacy Policy ("Data Privacy Policy") applies to the Client’s use of the CPT and Services on the Platform, using the FlexBiz Account. However, it does not apply to any third-party websites linked to the Platform or to any relationships the Client may have with businesses listed on the Platform.

The term "Personal Information/Personal Data" means information that the Client provides to the Provider that personally identifies the Client, such as the Client’s name, phone number, email address, and any other data linked to such information, and also means third party information provided by the Client to the provider for using the Services. The term Personal Information/Personal Data have been used interchangeably in this Policy and the Agreement and shall have one and the same meaning as ascribed to it under this Data Privacy Policy.

The Provider’s practices and procedures regarding the collection and use of Personal Information are outlined below to ensure the safe use of the Platform and the CPT. The Provider has implemented reasonable security practices and procedures appropriate to the nature of the information and its business. While the Provider strives to provide security that exceeds industry standards, due to the inherent vulnerabilities of the internet, the Provider cannot guarantee complete security of all information transmitted to the Provider by the Client.

By visiting or using the Platform and CPT, the Client agrees to be bound by this Privacy Policy and consent to the collection, use, processing, and sharing of Personal Information as described below. If the Client does not agree with these terms, please do not use the Platform. In addition, if the Client is a Client of the Provider, the Client must notify the Provider DPO (as defined herein) in writing of its decision to reject this Policy. Rejection of this Policy or withdrawal of consent to the collection, processing, use and/or disclosure of Personal Information may affect the Services which The Provider   is able to provide to you.

Please note that the separately provided Master Terms & Conditions form an integral part of the Client’s use of the Services and should be read in conjunction with this Privacy PolicyBy accessing the Platform or using the Provider’s Services (as defined below), the Client represents and warrants to the Provider that the Client has read, understood and agree to the terms of this Policy. The Client will also be deemed to have provided the Client’s consent to the Provider to use its Personal Data for the purposes outlined in this Policy. The Provider shall seek consent before collecting any additional Personal Data and before using Personal Data for a purpose which has not been notified to the Client (except where permitted or authorised by law).


1. DEFINITIONS
a. “The Provider Group” means the Provider and its related corporations and Affiliates, including any of the Provider’s subsidiaries, the Provider’s holding company and its subsidiaries (in each case wheresoever situate).

b. “Data Protection Legislation” means all laws relating to the processing of Personal Data, privacy, and security, including without limitation the data and information of all nature covered and protected under the relevant legislation applicable to the Territory, or all other applicable or replacement international, regional, federal or national data protection laws, regulations and regulatory guidance;

c. “Personal Data/Personal Information” shall mean the personal data or information of the like, defined herein and read along with the Data Protection Legislation applicable in the Territory.

d. “Provider Data” shall mean any data, materials, works pertaining to the Provider that may be shared with the Client in relation to the Agreement.

e. “Services” means the services that the Provider provides to the Client through the Agreement on the Platform and as defined in the Agreement.

f. “Territory” shall have the meaning defined under the Agreement.

GENERAL
From time to time, the Provider may collect data which enables a natural person to be identified ("Personal Data"). Some examples of Personal Data are:

a. personal particulars (e.g. name, contact details, address, date of birth, identity card/passport details)

b. images and biometrics (e.g. voice and video recordings of you, including conversations with the Client for verification or other purposes)

c. employment details (e.g. occupation, directorship, share ownership)

d. personal opinions made known to the Provider (for example, through feedback or surveys).

e. information relating to Client activities, habits, preferences and interests arising from Client’s use of the Platform and the CPT and Services of the Provider Group; and/or

f. other electronic data or information relating to the Client such as IP addresses, cookies, activity logs, online identifiers and location data through the Client’s usage of the CPT and Services or as part of their delivery to the Client.

ACCURACY OF PERSONAL DATA
The Provider generally relies on Personal Data provided by the Client (or the Client’s authorised representative). The Client is to ensure that the Personal Data provided by the Client is current, complete, and accurate at all times. The Client shall update the Provider if there are any changes to Personal Data and inform the DPO in writing or via email at the contact details provided herein.

COLLECTION AND USE OF PERSONAL INFORMATION
a. FlexBiz collect and stores Client Personal Information. If the Client provides third-party account credentials ("Third Party Account Information") to FlexBiz, it is understood that, upon Client authorization, certain content and information from those accounts may be transmitted to the FlexBiz Account. Any Third Party Account Information transmitted to FlexBiz will be covered by this Privacy Policy. The Client may choose not to provide certain information; however, this may prevent you from registering with FlexBiz or using some of its features and Services.

b. FlexBiz uses commercially reasonable efforts to limit the collection of Personal Information to what is necessary to fulfil the purposes identified in the Agreement. If FlexBiz uses or plans to use the information for a purpose different from the one for which it was collected, FlexBiz will request Client consent beforehand.

c. The Personal Information FlexBiz collects will be used solely to enable the Client to use the Services, promote a safe and secure experience, assess user interest in the CPT and Services, inform the Client about online offers and updates, troubleshoot issues, customize Client experience, detect and prevent errors, fraud, and other criminal activity, process payments, enforce the Provider’s terms and conditions, and fulfil any other purpose disclosed to the Client at the time of collection.

d. The Client and the Client’s Authorised Users agree that any information provided to the Provider may be disclosed to and used by the following parties:

i. Regulatory authorities, courts, and governmental agencies to comply with legal orders, legal or regulatory requirements, and government requests as per Applicable Law.

ii. Service Providers, Affiliates, payment intermediaries, regulatory authorities, and governmental agencies to detect and prevent fraud and other criminal activities, and to protect the Provider  and its Affiliates.

iii. Affiliates and other members of the Provider Group for marketing and risk management purposes.

iv. Service Providers who perform services for the Provider and help operate its business and the Platform (e.g., cybersecurity, human resources, IT support, and audit services).

v. Banks, financial institutions, payment intermediaries, or other partners with whom the Provider may jointly offer or develop the Services, provided they do not use the Personal Data for independent marketing without Client consent.

vi. Provider professional advisors (including lawyers) to protect and advance the Provider’s rights.

e. Without limiting the foregoing, the Client agrees that the Provider may transfer the Client’s and the Client’s Authorised Users’ data to any payment intermediary, and any company within the Provider Group for the purposes of processing Electronic Instructions and Client transactions and to provide the Client with the Services. Regardless of where the Provider processes Client information, the Provider will store and protect it in accordance with Applicable Law.

f. The Provider may collect and store Client’s sensitive Personal Data or Information—such as financial information, including credit card details, debit card details, bank account information, and Know Your Customer ("KYC") documents as required by RBI regulations as applicable —as well as any other applicable information that the Client chooses to save in the FlexBiz Account.

g. The Provider assures that Personal Information will not be disclosed publicly or sold to any third party.

h. The Client has the option to erase any information provided, including Personal Information. If the Client chooses to erase such data, the Provider will delete all ythe Provider’s stored information from its servers.

5. PERSONAL DATA PROVIDED TO THE PROVIDER  

a. Where the Client provides Personal Data to the Provider, the Client represents and warrants to the Provider that (i) the relevant individual has been notified of the purposes for which the data will be collected, processed, used and disclosed; and (ii) the Client has obtained the relevant individual's consent for the collection, processing, use and disclosure of such Personal Data by The Provider, and has been duly authorised by the relevant individual to provide the Personal Data to the Provider.

b. The Client must promptly inform the Provider upon the Client becoming aware of the withdrawal by the relevant individual of his/her consent to the collection, processing, use and/or disclosure by the Provider of the Personal Data provided to the Provider. The withdrawal of such consent may affect the Services which the Provider is able to provide to the Client.

c. Any consent given in relation to Personal Data provided to the Provider shall, subject to Applicable Laws and regulations, survive the death, incapacity, bankruptcy or insolvency of any such individual and the termination or expiration of any account in connection with the use of the Platform.

6. SECURITY AND PROTECTION OF PERSONAL DATA

a. The Client’s FlexBiz Account is password-protected. FlexBiz uses industry-standard measures and best practices to protect the Personal Information stored in its database, as detailed on its website. FlexBiz limits access to Client Personal Information to employees and contractors who need it to perform their job functions, such as the Provider’s customer service personnel.

b. To safeguard Client Personal Data from unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks, the Provider has introduced appropriate administrative, physical and technical measures such as up-to-date antivirus protection and encryption to secure all storage and transmission of Personal Data by the Provider. The Provider also discloses Personal Data both internally and to its authorised third-party Service Providers and agents only on a need-to-know basis.

c. The Client acknowledges that the Provider is not responsible for any information intercepted during transmission over the Internet, and the Client hereby releases the Provider from any and all claims arising out of or related to the unauthorized use of such intercepted information.

7. USE OF PERSONAL DATA

The Provider may use ythe Provider’s Personal Data for business purposes, such as:

a. to develop, improve and provide payments facilities, products or services (whether made available by the Provider or through the Provider), including but not limited to:

i. executing payments, commercial or other transactions and requests, including processing, settlement, clearing or reporting on these transactions;

ii. carrying out research, planning and statistical analysis; and

iii. analytics for the purposes of developing or improving the Provider’s products, services, security, service quality, advertising or customisation strategies;

b. assessing and processing applications, instructions or requests from the Client;

c. communicating with the Client, including providing the Client with updates on changes to Products, Services and payments facilities (whether made available by the Provider or through the Provider) including any additions, expansions, suspensions and replacements of or to such products, services and payments facilities and their terms and conditions;

d. managing the Provider’s infrastructure, business operations and complying with internal policies and procedures;

e. responding to queries, complaints or feedback;

f. addressing or investigating any complaints, claims or disputes;

g. verifying Client identity for the purposes of providing payments facilities, Products or Services;

h. conducting credit checks, screenings or due diligence checks as may be required under Applicable Law, regulation or directive;

i. complying with all Applicable Laws, regulations, rules, directives, orders, instructions, guidance and requests from any local or foreign authorities, including regulatory, governmental, tax and law enforcement authorities or other authorities;

j. monitoring products and services provided by or made available through the Provider;

k. complying with obligations and requirements imposed by the Provider from time to time by any credit bureau or credit information sharing services of which the Provider is a member or subscriber;

l. creating and maintaining credit and risk related models;

m. financial reporting, regulatory reporting, management reporting, risk management (including monitoring credit exposures), audit and record keeping purposes;

n. enabling any actual or proposed assignee or transferee, participant or sub-participant of the Provider’s rights or obligations to evaluate any proposed transaction;

o. in connection with any sale, acquisition, merger or restructuring of the Provider 's business.

p. for the marketing of products and services ancillary or related to the use of the Platform;

q. to detect, prevent and investigate fraud;

r. enforcing obligations owed to the Provider;

s. in connection with performance of the Provider duties and obligations when seeking consultancy or professional advice, including legal advice; and/or

t. administering benefits or entitlements in connection with the Provider’s relationship with the Client or arising from the Client participation in events, campaigns, or marketing promotions by the Provider. This will include the administration of loyalty, rewards programmes, lucky draws, and/or sending gifts and awards.

In addition to the above purposes, the Provider may also use Personal Data to enable the Client to use the Services, promote a safe and secure experience, assess user interest in FlexBiz products and Services, inform the Client about online offers and updates, troubleshoot issues, customize Client experience, detect and prevent errors, fraud, and other criminal activity, process payments, enforce FlexBiz terms and conditions, and fulfil any other purpose disclosed to you at the time of collection.

8. DISCLOSURE AND SHARING/TRANSFER OF PERSONAL DATA

a. Where necessary to fulfil the Provider’s obligations in the course of or in connection with the Provider’s provision Services requested by the Client, or to fulfil the Provider’s business purposes stated above, The Provider may from time to time disclose Personal Data to other members of the Provider Group and third parties such as the following whether inside or outside the Territory:

i. regulatory authorities, courts, dispute resolution tribunals, and governmental agencies;

ii. any agent, affiliate, business partner, supplier, vendor and sub-contractor which provides products and services to the Provider in connection with the Platform and Services (for example, vendors who the Provider engages to perform fraud detection and monitoring, payment intermediaries who the Provider works with to provide Services;

iii. any actual or proposed assignee of the Provider or transferee of The Provider's rights in respect of all or any part of the assets, properties or business of the Provider;

iv. any credit bureau as well as the members of such credit bureau (for example, banks, financial intermediaries, payment intermediaries, card network members and insurers);

v. financial institutions and other business partners with whom the Provider jointly offers or develops Services (but they may not use the Client’s Personal Data to independently market its own products or services to the Client unless the Client consents that they can do so); and

vi. analytics and search engine providers that assist the Provider in the improvement and optimisation of the Platform; and

vi. anyone the Provider considers necessary in order to provide the Provider’s Services.

b. The Provider does not share the Client’s Personal Information with any third party, except for financial institutions such as banks, the RBI, or other regulatory agencies, as required. The Provider also shares the Client’s information to provide the Client with the Services, conduct quality assurance testing, facilitate account creation, provide technical and customer support, or deliver specific services such as synchronizing the Client’s contacts with other software applications at the Client’s instruction. These third parties are required to use the Client’s    Personal Information only to provide the Services.

c. The Provider may share the Client’s Personal Information with its Affiliates that the Provider  may have now or in the future. In such cases, the Provider will require them to honor this Privacy Policy. If another company acquires the Provider company or its assets, that company will possess the Client’s Personal Information and assume the rights and obligations concerning that information as described in this Privacy Policy.

d. The Provider  may disclose the Client’s Personal Information to third parties when the Provider  have a good faith belief that such disclosure is reasonably necessary to: (a) take action regarding suspected illegal activities; (b) enforce or apply the Agreement; (c) comply with legal processes such as search warrants, subpoenas, statutes, or court orders; or (d) protect Provider rights, reputation, and property, or those of its users, Affiliates, or the public. Please note that the Provider is not required to question or contest the validity of any search warrant, subpoena, or similar governmental request that the Provider receives.

e. The Provider may disclose aggregate information relating to user behaviour to third parties in connection with actual or prospective business relationships, such as advertisers and content distributors. For example, the Provider may disclose the number of users who have been exposed to or clicked on advertising banners.

9. PRIVACY AND DATA RETRIEVAL

a. The Provider is required to comply with all Applicable Laws, regulations, notices and guidelines issued by relevant authorities from time to time. In this connection, the Client may be required to provide, through either the Platform, electronic mail or through other indicated means, relevant data necessary to allow the Provider to establish and verify the Client’s identity, as well as the identity of all beneficial owners, partners, directors or individuals with executive authority and individuals authorized to open and operate the Client’s FlexBiz Account. Such data will be required at the time of opening the Client’s FlexBiz Account and may be required on an ongoing basis thereafter.

b. The Provider will collect, use and disclose the Client’s information (including personal data of individuals that the Client have provided to us) in accordance with the Provider’s data privacy policy available on the Provider’s Platform as may be amended, supplemented and/or substituted from time to time.

c. Without prejudice to the foregoing, the Client gives the Provider the Client’s consent, and authorize the Provider, to at any time and without notice or liability, use and disclose the Personal Data and any particulars of and/or otherwise relating to the Client’s FlexBiz Account to:

i. any Affiliate and any member of the Provider Group and their respective agents and contractors in any jurisdiction for the purposes of fraud detection and monitoring, regulatory compliance and reporting, customer screening relating to sanctions, anti-money laundering and countering the financing of terrorism compliance processes, and monitoring credit exposures across the Provider Group;

ii. any Affiliate, payment processor, account issuer, card issuer, financial institution, payment intermediary and contractor in any jurisdiction for the purposes of (i) facilitating, effecting and/or processing the Client’s Electronic Instructions and related transactions on the Client’s FlexBiz Account and/or (ii) administering any benefit, privilege and term applicable to the Client’s FlexBiz Account;

iii. any Affiliate, payment processor, account issuer, card issuer, financial institution, payment intermediary and contractor in any jurisdiction which has a legitimate business purpose for obtaining such information, including offering the Client products or services in connection with the Client’s FlexBiz Account and/or any related transaction, and/or otherwise to facilitate the Client’s use of the Client’s FlexBiz Account;

iv. any person or organisation for the purpose of enabling or facilitating the book-keeping and accounting integration services available on the Platform including but not limited to book-keeping and accounting services providers and information management services providers;

v. any Affiliate and any member of the Provider Group and their respective agents and contractors for the purposes of (i) conducting research and/or analysis relating to any product and/or service provided by The Provider   or such party and (ii) improving, enhancing or developing new services or new methods of processes for business operations in relation to the Client’s FlexBiz Account;

vi. any bank, credit or charge card company and merchant for the purpose of any credit or other enquiry in connection with the Client’s FlexBiz Account;

vii. any person or organisation engaged by or on behalf of any member of the Provider Group for the purpose of performance of the Provider’s services or operational functions where these have been outsourced;

viii. any agent appointed by the Provider  for the purpose of making, printing, mailing, storing, microfilming and/or filing any personalised statement of accounts, card, label, mailer or any other document or item on which the Client’s name and/or other particulars appear, or any data, record or document, and/or otherwise to provide a service to you;

ix. any information garnering or processing organisation or consultant or entity conducting surveys or analysis or research or developing system applications for the Provider  or any other member of the Provider Group;

x. the police, law enforcement agency or any public officer for the purposes of conducting an investigation into any matter relating to the Client’s FlexBiz Account or any Provider   Group member in any jurisdiction;

xi. any government agency, authority, tribunal or court of any jurisdiction (or equivalent), in compliance with the order, notice or request of such agency, authority, tribunal or court, and/or applicable laws and regulations, and/or for commencing, defending or otherwise participating in any legal or administrative proceedings or inquiry before any court, tribunal or other agency or authority;

xii. any person for the purpose of collecting or recovering on the Provider's behalf, or for securing for the Client’s benefit, or for the repayment on the Client’s behalf, any sums of money owing to the Provider by you;

xiii. any credit bureau of which the Provider is a member or subscriber or credit reference agents;

xiv. auditors and professional advisors including lawyers, insurers and receivers appointed by any member of the Provider Group;

xv. any person authorized to operate the Client’s FlexBiz Account and any guarantor or security provider relating to the Client’s FlexBiz Account;

xvi. any rating agency, business alliance partner, insurance company, insurer, insurance broker or direct or indirect provider of credit protection;

xvii. any person or organisation who, in the course of the sending and delivering of communication materials (including all forms of direct mailers and advertisements) from the Provider to the Client or the prior preparation, sees any envelope or communication material sent by the Provider to Client, which bears the Provider’s name and/or logo;

xviii. any person or organisation to clarify or correct any wrongful or erroneous belief, representation or allegation to any third party, whether made by the Client or on the Client’s behalf, both in public and in private, regarding any of the Provider’s dealings with the Client or otherwise in relation to the Provider’s products, processes or policies, regardless of the form of media or platform which may include but is not limited to, published articles, posts, complaints or petitions; and/or

xix. any person The Provider   reasonably considers it in its interest to make such disclosure (and each of the foregoing persons similarly may disclose to the Provider and to each other) in connection with its provision of its services and the enforcement of any rights and/or performance of any obligation in respect of or in connection with the Client’s FlexBiz Account, the Services and/or the Agreement.

d. The Client can ask the Provider what information the Provider hold about the Client and, where applicable, the Client can ask the Provider to correct it if it is inaccurate or incomplete. The Provider will need to verify the Client’s identity before the Provider can process the Client’s request.

e. Following termination or deactivation of the Client’s FlexBiz Account, the Provider may retain Personal Data and content for backup, archival, audit, disaster recovery, or otherwise in accordance with Applicable Law, guidelines and directives (for example, regulations relating to the prevention of money laundering and countering the financing of terrorism).

10. MARKETING COMMUNICATIONS
a. If the Client should consent, the Client may, from time to time, receive a variety of communications, including but not limited to newsletters, emails, WhatsApp and text messages (the "Marketing Communications"), that may include service updates, product advertising and offers related to the Services which the Provider believes the Client may be interested in.

b. The Client may, at any time change the Provider’s Marketing Communications preferences by contacting the Provider.

c. Apart from Marketing Communications, the Client may receive important service information that the Provider believes is critical to the Client’s use of the Platform and the Services. In such exceptional circumstances, such information will be sent to the Client regardless of the Client’s preferences.

OTHER WEBSITES
The Provider’s Platform may contain links to other websites which are not maintained by The Provider. This privacy policy only applies to the Platform. When visiting these third-party websites, the Client should read their privacy policies which will apply to the Client’s use of the websites.

11. USE OF COOKIES

a. The Provider’s Platform uses cookies. A cookie is a small text file placed on the Client’s computer or mobile device when the Client visits a website or uses a mobile application. Cookies collect information about users and their visit to the website or use of the mobile application, such as their Internet protocol (IP) address, how they arrived at the website (for example, through a search engine or a link from another website) and how they navigate within the website or mobile application.

b. The Provider uses cookies and other technologies to facilitate the Client’s internet sessions and use of the Provider’s Platform, offer the Client products and/or services according to the Client’s preferred settings, track use of the Provider’s Platform and to compile statistics about activities carried out on the Provider’s Platform.

c. If the Client wish to deny the use and saving of cookies from the Platform on to the Client’s computers and/or other electronic devices, the Client should take the necessary steps within the Client’s internet browsers’ security settings to block all cookies from the Platform. The Client can choose to delete the cookies at any time. However, do note that when the Client enables blocking of cookies, certain features and functions may be limited in the Client’s use of the Provider’s Platform.

13. RETENTION OF PERSONAL DATA

a. Personal Data is retained as long as the purpose for which it was collected remains.

b. Without limiting the generality of the foregoing, in the event the Client terminates its relationship with the Provider, the Provider may retain the Personal Data provided to the Provider for so long as the Provider deems reasonably necessary for the Provider’s business or audit purposes or to comply with applicable regulations, guidelines and directives.

c. The Provider will cease to retain the Client’s Personal Data or remove the means by which the Personal Data can be associated with the Client, as soon as the Provider deems that such retention ceases to meet the purpose for which the Personal Data was collected and any other business, audit, or legal purposes.

14. ACCESS AND CORRECTION

a. The Client may access or, where applicable, make corrections to the Personal Data held by the Provider. To do so, the Client may contact the Provider DPO.

b. The Provider reserves the right to charge such fees as it may, in its sole and absolute discretion, deem appropriate for the grant of such access and to correct any such Personal Data. The Client will be notified of such a fee before the Provider process the Client’s request.

c. The Provider will respond to the Client’s request as soon as reasonably possible. Should the Provider be unable to respond to the Client’s request within thirty (30) days after receiving the Client’s request, the Provider will inform the Client in writing within thirty (30) days of the time by which the Provider will be able to respond to the Client’s request.

d. If the Provider is unable to provide the Client with any Personal Data or to make a correction requested by the Client, the Provider shall generally inform the Client of the reasons why the Provider are unable to do so (except where the Provider are not required to do so under the Information Technology Act, 2000).

15. AMENDMENTS AND UPDATES

The Provider may amend this Policy from time to time to ensure that this Policy is consistent with any developments to the way the Provider uses the Client’s personal data or any changes to the laws and regulations applicable to The Provider. The Provider will make available the updated policy on the Provider’s Platform/website https://www.flexm.com/. All communications, transactions and dealings with the Provider shall be subject to the latest version of this Policy in force at the time.

16. SECURITY, DUE DILIGENCE AND ACCEPTABLE USE OF FLEXBIZ ACCOUNT

a. The Client is responsible for ensuring that the username and password to the FlexBiz Account are kept securely and that all Electronic Instructions (defined hereinafter), notices and documents provided to the Provider are complete, accurate and properly initiated by the Client’s Authorised Users.

b. The Provider may require the Client to change the Account Details(s) if the Provider is required to do so based on the requirement of its financial partners or prevailing Applicable Laws and regulations. However, the Provider will inform the Client before the Provider does so and shall provide the Client with a reasonable timeline beforehand to assist in the transition to the new Account Details(s).

c. The Client acknowledges and accepts that any limitation or impairment in the Client’s ability to use, access and operate the FlexBiz Account or any Payout Services may be due to factors outside the control of FlexBiz. This includes acts of third parties who are not acting on behalf of FlexBiz (including third party service providers or any other member of the Provider group), technical conditions of the internet that cannot be influenced by FlexBiz, and Force Majeure Events. The hardware, software and any other technical infrastructure that the Client uses can also influence the Client’s ability to use, access and operate the FlexBiz Account or any Payout Services. The Client acknowledges and accepts that the Client’s usage of any such hardware, software and any other technical infrastructure shall be at the Client’s own risk.

d. The Client shall, under no circumstances and whether with or without the Client’s knowledge, use or allow the use of the FlexBiz Account to effect any transaction which would contravene the laws of any jurisdiction. The Client also agrees not to use funds or authorise the use of funds in the Client Currency Account in relation to prohibited or restricted activities or industries listed in the FlexBiz Acceptable Use Policy, or in countries subject to sanctions (which means any economic sanctions, laws, regulations, embargoes or restrictive measures administered, enacted or enforced from time to time).

e. The Client shall be fully responsible for ensuring that the Client only authorise or make payments from the Client’s FlexBiz Account to persons or entities in connection with transactions in compliance with Applicable Laws. At no time and under no circumstances shall the Client or any of the Client’s representatives use the FlexBiz Account or any Payout Service in connection with any illegal activities including but not limited to sanctions, money-laundering, fraud and the funding of terrorist organisations. If the Client is in doubt as to the legality of a purchase or the legality of any funds, the Client should not continue with, permit or facilitate such transaction.

f. The Client agrees to comply with all applicable anti-bribery and anti-corruption laws which prohibit officials, representatives, agents or any other person associated with or acting on behalf of the Client from giving, offering, promising to offer, receiving/ accepting or acting in any other manner so as to induce a payment, gift, hospitality or anything else of value (either directly or indirectly) whether from within the country or from abroad to government officials, public servants, regulatory bodies, judicial authorities, persons in positions of authority, elected or contesting electoral candidates, political parties or office bearers thereof or any other third party or person in order to obtain an improper commercial/ business advantage of any kind. Government officials include any government employee, candidate for public office, an employee of government- owned or government–controlled companies, public international organisations and political parties. The Client also agrees not to give, offer, pay, promise or authorise to give or pay, directly, indirectly or through any other person, of anything of value to anybody for the purpose of inducing or rewarding any favourable action or influencing any decision in the Client’s favour.

g. The Client specifically understands and agrees that by using the Platform, the Client authorizes FlexBiz, its affiliates, partners and third parties to contact the Client for any follow up calls in relation to the Services provided through the Platform and/or for offering or inviting the Client’s interest in availing any other product or service offered by the Provider or such third parties. The Client agrees and consents to receive communications relating to all of the above on the contact channels (phone/mobile number (if any provided)) by the Client on as part of the Account Details and expressly waive any registration or preference made under DND/NCPR list under the applicable Telecom Regulatory Authority of India (TRAI) regulations.

h. The Client agrees and acknowledges that for undertaking any payment and/or financial transaction through the CPT and Platform, FlexBiz may undertake due diligence measures and seek information required for Know-Your-Customer (“KYC”) purpose which as a customer, the Client is obliged to give in accordance with Applicable Laws. The Client agrees and acknowledges that FlexBiz can undertake enhanced due diligence measures (including any documentation), to satisfy itself relating to its due diligence requirements in line with the requirements and obligations under Applicable Laws. It is agreed that FlexBiz may decline to onboard a Client for the Services at its sole discretion without being required to disclose the reasons for such decision.

i. The Client is solely responsible for understanding and complying with all applicable laws of India, including but not limited to the provisions of the RBI Guidelines on Regulation of Payment Aggregators and Payment Gateways, Payment and Settlement Systems Act, 2007, Prevention of Money Laundering Act, 2002, Know Your Customer (KYC) / Anti-Money Laundering (AML) / Combating Financing of Terrorism (CFT) guidelines issued by the Department of Regulation, RBI as may be amended from time to time (the "KYC GUIDELINES") etc., that may be applicable to the Client in connection with the Client’s business and use of the Services.

j. The Client agrees and covenants that before the commencement of any Service(s) under the Agreement, the Client shall provide the necessary documents (as determined in the Provider’s sole discretion or when required by Third Party Service Providers or governmental authorities or law enforcement agencies) (“KYC Documents”) to enable the Provider to conduct the due diligence in respect of the Client and its business / activities.

k. The Provider shall have the right to share the KYC Documents (or the information therein) and other related documents with the Service Providers or governmental authorities or law enforcement agencies, as required under the Applicable Laws. The Client expressly consents the Provider to rely on the KYC Documents provided by the Client for providing the Services. The Client further acknowledges and agrees that the Provider reserves the right at all times to monitor, review, retain and/or disclose any information in relation to the Service(s) as necessary pursuant to satisfy any Applicable Laws, legal process or governmental request.

i. The Provider shall have the right to demand from the Client, any (i) additional KYC Documents and /or (ii) any KYC related or other documents of Your payees or invoices, in its sole discretion and /or as per the Applicable Laws or pursuant to requests from governmental authorities or Facility Providers. The Client’s failure to submit the KYC Documents when requisitioned shall entitle the Provider to suspend the Services and/or stop settlement of monies (as applicable) until the Client submits such KYC Documents to the sole satisfaction of the Provider.

17. MISCELLANEOUS

a. In the event of a breach of security in respect of Personal Data and to the extent required by the Information Technology Act, 2000, the Provider  will as soon as reasonably practicable provide notice of such breach to the relevant individual, setting out the extent of the breach, the affected Personal Data and any steps taken by The Provider   to remedy and limit the consequences of the breach.

b. Nothing in this Policy shall be construed as the Provider providing an indemnity to any Client in relation to any Personal Data or use thereof. To the extent permitted by applicable law, The Provider expressly excludes liability or any losses which the Client may suffer on account of the Provider’s collection, storage, use, transfer or retention of Personal Data in accordance with this Policy.

c. In any event, the Provider expressly excludes any liability to the Client which are in the nature of indirect or consequential losses, special losses, loss of profits, loss of contracts, loss of reputation or goodwill, or other tangential or intangible losses that a Customer may suffer on account of a breach of this Policy by the provider or any of its agents, partners, vendors or service providers.

18. CONTACT US

a. To contact the Provider on any aspect of this Policy or the Personal Data or to provide any feedback that the Client may have, the Client may contact the DPO at the address mentioned herein.

b. DPO:
Lalit Trivedi
FlexM Private Limited
E-mail: DPO@flexm.com

c. The Provider will respond to the Client’s request as soon as reasonably possible. Should the Provider be unable to respond to the Client’s request within thirty (30) days after receiving the Client’s request, the Provider will inform the Client in writing within thirty (30) days of the time by which the Provider will be able to respond to the Client’s request.

FlexM is regulated by the Monetary Authority of Singapore as a Major Payment Institution and by the Financial Transactions and Reports Analysis Centre of Canada (FINTRAC).
Become the Superhero of your business. Adorn the FlexM Cape and Build your Masterpiece.

Receive updates about our products, services, new features and more.

Subscription Confirmed! Thanks for Joining Our Newsletter!
Oops! Something went wrong while submitting the form.
Become the Superhero of your business. Adorn the FlexM Cape and Build your Masterpiece.

Receive updates about our products, services, new features and more.

Subscribe Now
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Products
FlexBank NewFlexRemit NewFlexPay NewFlexComply New
Solutions
Use CasesNewIndustriesNew
Developers
API DocumentationNewProduct DocumentationNew
Resources
BlogsNewSuccess StoriesNew
Company
About UsMediaCareers
©2025 FlexM Pte. Ltd. All Rights Reserved.
Policies and Terms & Conditions
Partner SupportCustomer Support
Thank you! We have received your inquiry.
We have received your message. We'll reach out to you very soon!
Ok, great
Connect with Us
Our team is happy to answer your sales questions. Fill out the form and we’ll be in touch as soon as possible.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.