top of page

PRIVACY POLICY

Effective Date:  03 October 2025

Who we are

 

Gimlet Labs Ltd. (“we”, “us”, “our”) is a Payment Intermediary Services (PIS) provider regulated in Mauritius. For the purposes of the Data Protection Act 2017, we act as a data controller when we determine the purposes and means of processing your personal data.

 

If you are a business customer, please share this policy with your authorised users, directors, shareholders and UBOs whose data you submit to us.

 

Contact (Data Protection Officer):

Email: support@gimlet.biz

Address: 4th Floor, Ebene Skies, Rue de L'institut, Ebene 80817

 

 

What data we collect

 

  • Identification: name, national ID/passport, DOB, nationality, addresses, business documents, and verification artefacts.

  • Contact: email, phone, correspondence.

  • Financial & transactional: payment instructions, counterparties, account identifiers

  • Technical: device identifiers, IP address, logs needed to provide and secure our services.

 

We only collect personal data where it is necessary and lawful for our functions/activities.

 

 

How and why we use your data

 

We process personal data to:

 

  • Provide services & perform contracts with you

  • Comply with legal obligations

  • Protect legitimate interests, including fraud prevention, security, service integrity, and defending legal claims—balanced against your rights.

 

With your consent, for specific optional features or communications; you may withdraw consent at any time. Please contact our Data Protection Officer at support@gimlet.biz

 

 

Your privacy rights

 

Under the DPA 2017, you have the right to:

 

  • Rectify inaccurate data and, where applicable, erase data in the circumstances the law provides.

  • Withdraw consent where processing relies on consent.

 

To exercise rights, contact us using the details above. We will respond to all valid data subject requests within 30 days, as required by the DPA 2017.

 

 

Security

 

We implement appropriate technical and organisational measures to protect personal data.

 

 

Data retention

 

We keep personal data only for as long as necessary for the purposes collected and to meet legal/contractual obligations.

 

 

Changes to this policy

 

We may update this policy from time to time. We will post any changes here with a new “Last updated” date.

 

 

Contact Us

 

If you have concerns, please contact our Data Protection Officer.

bottom of page