We understand your concerns around data collection and privacy security and would firstly like to assure you that the privacy and protection of our customers’ data is of utmost importance to us.
We at CardUp respect the privacy and confidentiality of such personal data, and have implemented policies and practices to safeguard this data provided to us by using the same 128-bit encryption and physical security that the banks use.
The information is collected in order to validate that this is a genuine transaction in exchange for a product or service. It is also required for us to verify the identities of both parties in the transaction.
Since peer to peer payments are not possible on CardUp due to certain restrictions for payments made via credit cards we have to comply with, this additional information is required by us to to establish that the transaction is made for an officially registered tenancy arrangement (as both parties are often individuals).
Under the PDPC, we are also permitted to collect your NRIC number to facilitate this verification, ensuring that when you make a payment using our service, we may be able to positively identify you as the individual who both registered with us and made the payment.
For your payments, CardUp does not manage or store your full card number details.
Instead, this is managed via a PCI Level 1 Service Provider and approved payment gateway certified to the highest level of Payment Card Industry Data Security Standards (PCI-DSS).