Pragma Privacy Notice

Last Updated: August 12, 2019


This privacy notice sets out how Pragma and its group entities ("Pragma" or "we") use and protect any information that you provide to Pragma when you visit our website ("the Website") and correspond with us. Pragma is the data controller for our website, and the local Pragma entity with whom you may interact is the data controller for such interactions.

Pragma offers abuse and fraud protection solutions ("Services") to its customers. These Services rely on the analysis of (abnormal) behavior on our customers' websites and platforms which we may compare with and test against historical data in our database. Security and data protection are the cornerstones of our solutions and we wish to be fully transparent about our Services. Insofar as our Services process Personal Information, this Privacy Notice applies.


For purposes of this Privacy Notice, 'Personal Information' means any information from or about a person that either identifies that person directly or that makes that person identifiable when it is combined with other information from or about that person from any source.


Data Collected Automatically

Most of the data we collect in and through the Websites and the Services is technical in nature and is collected and processed automatically through scripts, cookies, and similar software-based technologies. Alone or in combination with other data, such automatically collected data may constitute Personal Information. The data we may collect by automated means may include, without limitation:

  1. Device data: including data on device IDs and similar hardware qualifiers
  2. Websites, applications, and browsers: including data on the existence, characteristics, and behavior of websites, applications, and browsers (e.g., browser type, version, language, preferences)
  3. Network and internet information: including URLs, IP addresses, bounce rates, use of spoofing, active (TCP/IP) ports, originating search engine, number of sessions initiated, click streams, location information, and network/Wi-Fi access points
  4. Information we collect on the use of the Websites via cookies. Please see the section "How do we use cookies" below and our Cookie Notice for more information.

Google Analytics is an element of the Websites. By using cookies, Google Analytics collects and stores data such as time of visit, pages visited, time spent on each page of the Website, the Internet Protocol address, and the type of operating system used in the devices used to access the Website. By using a browser plugin available at provided by Google, you can opt out of Google Analytics.

Data You Provide to Us

When you use the Websites or otherwise communicate with us, we collect data that you provide to us directly. For example, we collect data in the following circumstances: when you sign up for a newsletter, when you contact us via the Websites; and when you otherwise communicate with us. The data you provide to us directly may include, without limitation, the following information that may, alone or in combination with other data, constitute Personal Information:

  1. Information you provide through our 'Contact' section, including your name, company, e-mail, country, inquiry, and any other information you decide to provide
  2. Information you provide via email or using the contact details listed on various parts of the website, including your name, company, and phone number, and any other information you provide to us
  3. Information you provide in order to subscribe to our newsletters and updates, including your email address, the topic for which you wish to receive updates, or any other information you decide to provide us with. You may always unsubscribe from these emails by following the instructions included
  4. If you are one of our customers, suppliers, or prospects, we may process limited Personal Information in the course of our business relationship with you, for example when you place an order, request a demo, or vice versa. Such Personal Information may include your name, company, title, e-mail address, telephone number, address, order details, and where applicable and relevant, credit registrations and credit limits
  5. Transaction and limited (non-PCI) payment data
  6. Other information: We may also collect any other information you may want to share with us, such as Personal Information related to recruitment/job applications. Moreover, if you contact us, a record of this correspondence may be kept.

We may also obtain data from third-party sources such as our customers, data providers, and credit bureaus, where permitted by law.


The Personal Information we collect is primarily processed for and on behalf of our customers and used to provide our abuse and fraud protection solutions on their websites, platforms, and applications. In providing our Services, we obtain feedback from our customers. We process and use this feedback for the legitimate interests of our Customers, their bona fide end-users, and of us providing our Services, preventing fraud, and abuse (including identity and credit card fraud), and securing online websites and environments.

We use the Personal Information you provide to us when you contact us in relation to inquiries, orders, comments, or complaints made by you for conducting business with you and for our legitimate interest in communicating with you about our products and services. With your consent (unless otherwise permitted by applicable law) we use the Personal Information you provide us via our Websites (for example when signing up for our newsletters) to send you information on our products and services, special offers, and other information based on the interests that you have indicated to us. If you do not wish to receive such information, you can indicate so via the details directly below or the links provided in our emails. If you are one of our customers, suppliers, or prospects, we use Personal Information about you to establish and fulfil our contract with you. This may include verifying your identity, communicating with you, and arranging the provision of products and services. We also use Personal Information about you for our legitimate interests of documenting and managing our internal administration.

We use the Personal Information we obtain from the use of the Websites for market research in pursuance of our legitimate interests of improving our products and services and being able to offer our customers and prospects tailored products and services.

In addition to the above, we use the Personal Information in order to comply with applicable laws and for our legitimate purposes of protecting our legal rights, in connection with legal claims, and for compliance, regulatory, and investigative purposes. This may include sharing the Personal Information with third parties, such as governmental authorities or law enforcement officials subject to applicable law.


We may disclose the Personal Information you provide to us or that we collect automatically on the Websites and in and through the Services with the following categories of third parties:

  • Service providers, such as data storage service providers, marketing service providers, accounting service providers, social media platforms you use, communications service providers, and human resources service providers
  • Public authorities, such as law enforcement, if we are legally required to do so or if we need to protect our rights or the rights of third parties
  • Our subsidiaries and affiliates; or a subsequent owner, co-owner, or operator of the Websites and/or the Services and their advisors in connection with a corporate merger, consolidation, restructuring, the sale of substantially all of our stock and/or assets, or in connection with bankruptcy proceedings, or other corporate reorganization, in accordance with this Privacy Notice.


Our Services are set up in such a way that they allow our customers a great deal of control of any (further) use of the Services and Personal Information. As our customers exercise such control and can use and implement the Services to their liking (as detailed in their contract with us), we are not responsible for any further use of our Services and Personal Information (including the combination of the Personal Information with other information) by our customers. If you would like to have more information on how the Services and Personal Information are used by our customers, we invite you to read their respective data protection notices and/or contact them directly.


Where we process Personal Information, individuals are entitled to ask us for an overview of the Personal Information we have about them and also to access, correct, or delete certain Personal Information, restrict processing of their Personal Information, or ask us to transfer some of Personal Information to other organisations. Certain individuals can also object to some processing of their Personal Information and, where we have asked for their consent, they can withdraw their consent at any time. Insofar as Personal Information about them is processed, certain individuals also have a right to know more about the protection we apply when transferring Personal Information to non-EEA countries.

Note that we are not legally obligated to agree to such requests in all circumstances, and in certain circumstances, agreeing to a request may be infeasible – for example, a deletion request when we are required by law to maintain the Personal Information. Please also note that we are not able to act on any of the above requests if we are not in a position to identify an individual filing such a request.

Where applicable, these rights can be exercised by sending us an email through the contact details further below. Depending on where you live, you may have a right to lodge a complaint with a supervisory authority or other regulatory agency if you believe that we have violated any of the rights concerning Personal Information about you. We encourage you to first reach out to us at so we have an opportunity to address your concerns directly before you do so. We are committed to compliance, so please contact us through the details listed below if you have any questions about these rights.


Pragma is an India-based company with domestic and international business clients. As a result, Personal Information that we collect on our Websites and through our Services; may be transferred to our offices in other countries to permit us to comply with our legal and contractual obligations, to provide information and services to prospective and current clients, and to perform related business activities. In addition, we may work with third-party service providers in India and in other countries to support our business activities. Thus, Personal Information may be transferred to, stored on servers in, and accessed from India and countries other than the country in which the Personal Information was initially collected. In all such instances, we use, transfer, and disclose Personal Information solely for the purposes described in this Privacy Notice.


We retain Personal Information about you only for as long as needed for the purposes for which it was collected.

Personal Information is only kept for as long as needed for the purposes described in this Privacy Notice and for our legitimate business purposes, after which it is scrubbed, anonymized, or obfuscated as soon as possible unless otherwise required by applicable legislation.

This typically happens within one (1) year after the initial collection of such Personal Information for the Company's offerings. Historical data will typically be retained for a period of two (2) years after the initial collection.

If you are a customer or supplier of Pragma, Pragma will retain Personal Information about you for the duration of the contractual relationship you or your company has with us and after the end of that relationship for as long as necessary to perform the purposes set out above or to comply with other legal obligations. Personal Information we collect as a result of you subscribing to our newsletter or press releases will be stored until you decide to withdraw your subscription.


We maintain commercially reasonable risk-based security and data protection measures, which include end-to-end encryption for Personal Information in transit and encryption for Personal Information at rest.


Our Websites may contain links to other websites of interest. However, once you have used these links to leave our Websites, we do not have any control over third-party websites. We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this Privacy Notice. You should exercise caution and review the privacy notice applicable to the website in question.


Pragma does not offer Services to children. If you are under 18, you may use the Services only with the full knowledge and consent of a parent or guardian.


Some of the features on this website require the use of "cookies" - small text files that are stored on your computer's hard drive. We use cookies to measure which pages are being accessed, and which features are most frequently used. This enables us to continuously improve this website to meet the needs of our visitors.


This Privacy Notice may change from time to time, effective from the date mentioned in the updated version of the Privacy Notice. Please check the Websites periodically to review such changes in the Privacy Notice. We may email periodic reminders of our agreements and policies in the event of a change.


If you have any questions or concerns about this Privacy Notice or Pragma's privacy or data security practices, please contact us via the following: