Privacy Policy
| Topic | |
|---|---|
| Effective Date | 08 May 2026 |
| Last Updated | 08 May 2026 |
| Version | 1.0 |
| Jurisdiction | Solomon Islands |
This Privacy Policy explains how TASI PAYMENT SOLUTION PTY LIMITED ("TasiPay", "we", "our" or "us") collects, uses, shares, stores and protects personal information when you use Tasi.
Tasi is a digital identity and trust infrastructure service. In its current phase, Tasi supports digital ID, public QR ID, identity and age verification, merchant scan/check-in, membership or loyalty features, consent-based merchant promotions and in-app messaging. Tasi is not a payment wallet and does not move money for consumers in this current version.
Policy at a Glance
| Topic | Summary |
|---|---|
| Who we are | TASI PAYMENT SOLUTION PTY LIMITED, Point Cruz, Honiara, Solomon Islands. |
| What Tasi does | Provides digital identity, QR/public ID, verification, merchant check-in, chat and consent-based promotions. |
| What we collect | Account/contact data, identity verification data, QR/public ID, check-in data, chat/user content, device/security data, support records and optional promotion preferences. |
| Why we collect it | To create your Tasi account, verify identity or age where needed, enable QR scan/check-in, provide chat, manage promotions you choose to receive, keep the service secure and support users. |
| Who sees your data | TasiPay, trusted service providers, merchants you interact with, regulators or authorities where legally required, and other users only for the content you choose to share. |
| Merchant visibility | Merchants should only see limited information needed for the scan/check-in, such as your name or display name, public ID reference, verified 18+ result where relevant, membership or promotion status and check-in confirmation. Merchants should not see your full passport number, raw ID documents or complete identity record. |
| Tracking | We do not sell your personal information, share it with data brokers or use it for third-party advertising tracking. |
| Your controls | You may request access, correction, deletion, portability, consent withdrawal and marketing/promotion opt-out, subject to legal and security limits. |
| Contact | privacy@tasipay.com |
1. Scope
This Policy applies to Tasi mobile applications, web pages, merchant dashboards, check-in tools, support channels and related services that link to this Policy.
This Policy does not apply to third-party websites, venues or merchants outside the Tasi service. Merchants may have their own privacy notices for their venue, loyalty program or business operations.
If TasiPay later launches wallet, payment, money transfer or regulated financial services inside Tasi or a related app, we will update this Policy or provide an additional policy before collecting or using data for those services.
2. Data Controller
The entity responsible for the personal information covered by this Policy is:
| Field | Details |
|---|---|
| Company | TASI PAYMENT SOLUTION PTY LIMITED |
| Address | Point Cruz, Honiara, Solomon Islands |
| Privacy email | privacy@tasipay.com |
| Website | https://tasipay.com |
3. Personal Information We Collect
We collect only the personal information reasonably needed for Tasi features, security, legal compliance and support.
3.1 Account and Contact Information
We may collect:
full name or display name;
email address;
mobile phone number;
username, password hash and account credentials;
public Tasi ID, QR ID or account identifier;
language, country or profile settings.
3.2 Identity and Verification Information
Where you choose or are required to verify your identity or age, we may collect:
date of birth and age verification result;
nationality, gender or other profile fields you provide;
passport, national ID or other government-issued ID details;
photos or scans of your identity document;
selfie or face photo for verification;
verification status, KYC level or trust level;
audit records showing when verification was completed.
We use identity and age data to confirm that one Tasi ID belongs to one user, support verified 18+ use cases and reduce misuse. Merchants should receive only the minimum verification result needed for the specific use case, such as "verified 18+" or "not verified", rather than your full identity record.
3.3 Merchant Scan, Check-in, Membership and Promotion Data
When you present your Tasi ID QR code or otherwise check in with a merchant, venue or event, we may collect:
merchant or venue name;
check-in date and time;
public ID or QR scan reference;
scan result and verification result;
membership, loyalty or promotion eligibility;
campaign opt-in status;
campaign delivery, response or redemption;
repeat visit and dashboard activity signals.
This information is used to confirm the check-in, support membership or loyalty features, measure pilot usage and allow merchants to manage promotions that you have chosen to receive.
3.4 Chat and User Content
If chat is enabled, we may collect and process:
1:1 and group chat messages;
images, emoji or attachments you send;
sender, recipient, group and timestamp metadata;
reports, blocks or moderation records.
Other users in a conversation can see the messages and content you send to them. We may review chat content or metadata where necessary for support, safety, abuse prevention, legal compliance or enforcement of our terms.
3.5 Device, Usage, Security and Diagnostic Data
When you use Tasi, we may collect:
device model, operating system, app version and browser type;
IP address and approximate network location;
device identifier, installation identifier or push notification token where used;
login time, session data, feature usage and error logs;
crash reports, performance data and diagnostics;
security signals used to detect fraud, account takeover or misuse.
We do not use this information for third-party advertising tracking.
3.6 Camera, Photo and Location Permissions
Tasi may request access to your device camera to scan QR codes or capture identity documents or selfies for verification.
If profile images, chat images or ID uploads are enabled, Tasi may let you choose photos or videos from your device. We recommend using the system image picker where possible so you do not need to grant full photo library access.
Tasi may collect approximate location from your IP address, a merchant venue check-in or location information you provide. We will request device precise location only if a feature requires it and only with your permission.
3.7 Optional Profile and Promotion Preferences
If you choose to receive merchant promotions or personalized offers inside Tasi, we may collect optional preference or demographic information such as:
interests;
preferred merchant categories;
location preference;
nationality;
marital status;
income level or KYC level where voluntarily provided and relevant.
You can opt out of promotional messages. We do not sell promotion profiles to merchants or external advertisers.
3.8 Support and Feedback
If you contact us, we may collect your support messages, contact details, attachments, issue history and related records so we can respond and improve the service.
4. How We Collect Information
We collect information:
directly from you when you register, update your profile, verify your identity, chat, submit support requests or choose promotion preferences;
automatically when you use the app or website;
when a merchant scans your Tasi ID QR code or confirms a check-in;
from service providers that help us deliver verification, OTP, hosting, support, analytics, crash reporting or security services;
from authorized TasiPay staff during assisted onboarding events or pilot activities.
5. How We Use Your Information
We use your personal information for the following purposes:
| Purpose | Examples |
|---|---|
| Account creation and authentication | create your account, let you log in, maintain your profile and public QR ID |
| Identity and age verification | verify identity, prevent duplicate or false accounts, support verified 18+ confirmation |
| QR scan and check-in | allow merchants or venues to scan your public ID and confirm check-in or eligibility |
| Membership, loyalty and promotion | manage opt-in promotions, campaign eligibility, campaign response and repeat visit signals |
| Chat and user interaction | deliver 1:1 or group messages and related notifications |
| Security and misuse prevention | protect accounts, investigate suspicious activity, detect abuse, spam or unauthorized access |
| Customer support | answer questions, troubleshoot issues and handle privacy requests |
| Analytics and product improvement | understand aggregate usage, improve features and measure pilot adoption |
| Legal and compliance | respond to lawful requests, protect rights and comply with applicable obligations |
| Communications | send service notices, security alerts, check-in confirmations, chat notifications and consent-based promotions |
We will not use your personal information for a new incompatible purpose without updating this Policy and obtaining consent where required.
6. Merchant Visibility and Merchant Responsibilities
When you choose to present your Tasi ID to a merchant or venue, that merchant may receive limited information necessary for the specific interaction.
Depending on the feature, the merchant may see:
your name or display name;
your public Tasi ID or partial public ID;
a check-in confirmation;
a verified 18+ confirmation where relevant;
membership, loyalty or promotion eligibility;
campaign response or redemption linked to that merchant.
Merchants should not receive:
your full passport number;
your full government ID number;
raw ID document images;
full KYC or verification record;
unrelated profile fields;
private chat content with other users.
Merchants that receive personal information through Tasi ID must use it only for the relevant check-in, verification, membership, loyalty, promotion or support purpose and must protect it with appropriate confidentiality and security measures.
7. How We Share Your Information
We do not sell, rent or trade your personal information. We share information only where necessary and with appropriate safeguards.
| Recipient | Purpose |
|---|---|
| Authorized TasiPay personnel | operate, support, secure and improve Tasi ID |
| Cloud and technology providers | host, store, secure and maintain the service |
| SMS, email and notification providers | send OTPs, service messages, security alerts and notifications |
| Identity verification providers | verify ID documents, selfies, age or liveness where enabled |
| Analytics and crash reporting providers | understand app performance and fix errors |
| Customer support tools | respond to support and privacy requests |
| Merchants and venues you interact with | process scan/check-in, membership, loyalty or promotion features |
| Other users | show messages or content you choose to send in chat |
| Regulators, courts or law enforcement | comply with lawful requests or protect rights, safety and security |
| Corporate transaction parties | support a merger, acquisition, financing or asset transfer, subject to confidentiality and data protection obligations |
Third-party providers that process personal information for us must protect it to standards consistent with this Policy and use it only for the services they provide to us.
8. International Data Transfers
Tasi may store or process personal information in Solomon Islands, the Asia-Pacific region or other countries where our trusted providers operate.
Where personal information is transferred internationally, we use appropriate contractual, technical and organizational safeguards to protect it.
9. Data Retention
We keep personal information only for as long as reasonably necessary for the purposes described in this Policy, unless a longer period is required or permitted by law, security needs, dispute handling or regulatory obligations.
| Data type | Typical retention |
|---|---|
| Account, profile and public ID data | account lifetime plus up to 2 years after closure |
| Identity verification status and audit records | account lifetime plus up to 5 years where needed for trust, legal, security or regulatory evidence |
| ID document images and selfie/face photos | only as long as needed for verification and audit; no longer than 1 year unless legal, regulatory, security or dispute needs require longer |
| Facial biometric templates, if created | deleted or irreversibly anonymized after verification where technically possible |
| Merchant check-in, loyalty and campaign response data |
up to 2 years or until deletion where no legal, security or dispute reason requires retention |
| Chat content | until deleted by the user or account closure, subject to backup cycles and safety/legal holds |
| Support records | up to 3 years after the support case closes |
| Security logs | up to 2 years |
| Crash and diagnostic data | 90 days to 12 months |
| Marketing or promotion consent records | until consent is withdrawn plus up to 1 year |
When retention is no longer necessary, we delete, anonymize or securely archive the information.
10. Security
We use technical and organizational measures designed to protect personal information against unauthorized access, loss, misuse, alteration or disclosure. These measures may include:
encryption in transit;
encryption at rest for sensitive records where appropriate;
access control and role-based permissions;
staff confidentiality obligations;
security logging and monitoring;
vendor security review;
incident response procedures;
backup and recovery controls.
No online service can guarantee absolute security. You are responsible for keeping your account credentials confidential and for notifying us if you believe your account has been compromised.
11. Your Privacy Rights and Choices
Subject to applicable law and verification of your identity, you may request to:
access the personal information we hold about you;
correct inaccurate or incomplete information;
delete your account or personal information where we no longer have a lawful reason to keep it;
withdraw consent for optional processing;
opt out of promotional messages;
restrict or object to certain processing;
receive a copy of certain information in a portable format;
lodge a complaint with a relevant authority.
You can exercise these rights by using the privacy or account settings in the Tasi app, where available, or by emailing privacy@tasipay.com.
We will acknowledge privacy requests within 5 business days where practical and aim to provide a substantive response within 30 calendar days after verifying the request. Complex requests may take longer, and we will notify you where an extension is needed.
12. Account Deletion
If you create a Tasi account, you may request deletion of your account from within the Tasi app under account or privacy settings, or by contacting privacy@tasipay.com.
Deleting your account removes or de-identifies personal information that we are not required or permitted to retain. Some records may be retained for a limited period where necessary for security, fraud prevention, legal compliance, dispute handling, audit or backup integrity.
If you used third-party sign-in, you may also need to revoke Tasi access through that third-party provider.
13. Consent Withdrawal, Notifications and Promotions
You can withdraw optional consent at any time, including consent for:
promotional messages;
push notifications;
precise location, if enabled;
optional demographic or preference fields;
optional profile or chat images.
Withdrawing consent does not affect processing that occurred before withdrawal. Some service or security messages may still be sent where necessary to operate your account or protect the service.
You can opt out of merchant promotions inside the app or by contacting privacy@tasipay.com. After opt-out, you may still receive non-promotional service messages such as account security alerts or check-in confirmations.
14. Children and Age-Restricted Use
Tasi is intended for users who are at least 18 years old, unless a specific approved pilot or use case provides a different lawful onboarding process with appropriate consent.
We do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child where we should not have done so, we will delete it or take other appropriate steps.
Verified 18+ status is used only to confirm eligibility for age-restricted venues or services. A merchant should receive only the verification result, not your full date of birth or identity document.
15. Automated Processing
Tasi may use automated or rule-based processing for:
OTP and login security checks;
duplicate account detection;
identity verification pass, fail or manual review routing;
age verification status;
abuse, spam or fraud detection;
promotion eligibility based on preferences and consent.
Where an automated result materially affects your account access or verification status, you may contact us to request a manual review.
16. Cookies and Similar Technologies
Tasi web pages or dashboards may use cookies, local storage or similar technologies for:
login session management;
security and fraud prevention;
remembering preferences;
analytics and performance measurement.
We do not use cookies or similar technologies for third-party advertising tracking in this version of Tasi.
17. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will notify users through the app, website or other appropriate channels. The updated Policy will show the latest effective date.
If we introduce wallet, payment, money transfer, regulated financial services, new identity verification methods, third-party advertising tracking or materially different data sharing, we will update this Policy before those changes apply.
18. Contact Us
For privacy questions, requests or complaints, contact:
| Channel | Details |
|---|---|
| Privacy email | privacy@tasipay.com |
| Company | TASI PAYMENT SOLUTION PTY LIMITED |
| Address | Point Cruz, Honiara, Solomon Islands |
| Website | https://tasipay.com |
Please include your name, contact details, Tasi account identifier if available and a clear description of your request.