1. INTRODUCTION

1.1 ZAZIPAY INTERNATIONAL LIMITED (referred to as the ‘Site’ ,’us’, ’we’ ,’our’). respects your privacy and is committed to protecting your personal data. This privacy policy (and any other documents referred to on it) (Privacy Policy) sets out the basis on which any personal data we collect from you, that you provide to us, or that is otherwise made available to us will be processed by us in light of the relationship you have or may have a relationship with us. This policy will inform you as to how we look after your personal data when you hold an account with us, use our products or services, or visit our website (regardless of where you visit it from) and tell you about your privacy rights and how the law protects you. Please ensure that you (referred to as the ‘User’, ‘you’ or ‘your’) read carefully to understand our views and practices regarding your personal data and how we will treat it. By accepting our terms and conditions you are accepting and consenting to the practices described in this policy.

1.2 This statement should be read together with our Terms and Conditions for products and services.

1.3 Personal data is information relating to our customer or potential customers, suppliers (hereafter referred to “you” or “your”)

2. STATEMENT OF DETAILS

2.1 We collect, use and share aggregated data such as statistical or demographic data. Aggregated data could be derived from your personal data but is not considered personal data in law as this data will not directly or indirectly reveal your identity.

3. COLLECTION OF INFORMATION

3.1. We will collect and process your personal information/ data from the following sources/with your knowledge and consent when you do any of the following (please note that this list is not exhaustive):

• Apply for our products or services;
• Open an account(s) with us;
• Subscribe to our services or publications;
• Request marketing information to be sent to you;
• Enter a competition, promotion or survey; or
• Give us feedback or contact us.
• When you ask for more information about a product or service or contact us with a query or complaint;
• You respond to or participate in a survey, marketing promotion, prize competition or special offer;
• Information we receive from other sources:
• When you visit any of our premises.
• When you interact with our sales agents they may collect personal information

3.2. We may also collect your information or receive your personal information from various third parties to whom you have consented and public sources including but not limited to: credit-reference bureaus, fraud prevention agencies and business directories; court registries; companies registry, lands registry and other government registries; service providers we interact or integrate with now or in future; Integrated Personal Registration Systems, Kenya Revenue Authority and the National Transport and Safety Authority database.

3.3. We may also collect information about you from other publicly accessible sources not listed above. We may also collect information about you from trusted partners, not listed above, who provide us with information about potential customers of our products and services;

4. THE DATA WE COLLECT

4.1 We may collect, use, store and transfer different kinds of Personal Data about you which we have grouped as follows:

• Identity data which includes name, username or similar identifier, Identity card/Passport number, PIN number, photo, marital status, symbol, fingerprints, race, pregnancy status, nationality, ethnic or social origin, color, age, title, date of birth and gender, and any other similar information;
• Contact data which includes billing address, postal address, physical address, email address and telephone numbers;
• Financial data which includes any bank account details, card payment details and other electronic or non-electronic payment details; earnings ; payslips, bank statements
• Transaction data which includes details about payments to and from you and other details of products and services you have acquired from us;
• Technical data which includes internet protocol (IP) address, your login identity data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our systems;
• Your contact with us, such as when you: call us or interact with us through social media(we may record your conversations, social media or other interactions with us)
• Usage data which includes information about how you use our website, products and services;
• Marketing and communications data which includes your preferences in receiving marketing information from us and our third parties and your communication preferences;

5. HOW WE USE YOUR PERSONAL DATA

5.1 We may use and analyze your information for the following purposes:

• Processing applications for products and services, effecting payments, transactions and completing instructions or requests
• Responding to any of your queries or concerns;
• Verifying your identity information through publicly available and/or restricted
• Government databases in order to comply with applicable regulatory requirements;
• Assessing suitability for products and service.
• Carrying out credit checks and credit scoring;
• Keeping you informed generally about new products and services and contacting you with many new product unless you opt out of receiving such marketing messages (you may contact us at any time to opt out of receiving marketing messages or by sending stop to the number provided in the sms);
• To comply with any legal, governmental or regulatory requirement or for use by our lawyers in connection with any legal proceedings;
• In business practices including to quality control, training and ensuring effective systems operations;
• To understand how you use our products and services for purposes of developing or improving products and services;
• Preventing and detecting fraud or other crimes and for debt recovery
• For research, statistical, survey and other scientific or business purposes;
• Provide aggregated data (which do not contain any information which may identify you as an individual) to third parties for research and scientific purpose;
• Administer any of our online platforms/websites.

6. LEGAL BASIS FOR PROCESSING YOUR INFORMATION

6.1 We will process your personal information based on any of the lawful basis provided for under the Data Protection Law:

• The performance of a Product/Service Agreement with you;
• our legitimate business interests;
• compliance with a mandatory legal obligation;
• consent you provide;
• public interest;
• your vital interest.

7. RETENTION OF INFORMATION

7.1 We retain your personal data in line with our legal and regulatory obligations and for business and operational purposes. In the majority of cases this will be for seven years from the end of your relationship with us.
7.2 Anonymized information that can no longer be associated with you may be held indefinitely.

8. DISCLOSURE OF INFORMATION

8.1 Any disclosure of your information shall be in accordance with applicable law and regulations. The company shall assess and review each application for information and may decline to grant such information to the requesting part.

8.2 We may disclose your information to:

• law-enforcement agencies, regulatory authorities, courts or other statutory authorities in response to a demand issued with the appropriate lawful mandate and where the form and scope of the demand is compliant with the law.
• Our associates, partners, software developers or agents who are involved in delivering the company’s products and services you order or use;
• Fraud prevention and Anti money laundering agencies, credit- reference agencies;
• Publicly available and/or restricted government databases to verify your identity information in order to comply with regulatory requirements;
• third parties who are service providers acting as processors, professional advisers including lawyers, bankers, auditors and those who provide consultancy, banking, legal, insurance and accounting services;
• other companies and financial institutions that we work with to provide services to you e.g. credit card service providers, mobile technology service providers, credit reference bureaus, employers, debt collection agencies and outsourced services vendors; survey agencies that conduct surveys on behalf of the company;Any other person that we deem legitimately necessary to share the data with

8.3. We shall not release any information to any individual or entity that is acting beyond its legal mandate.

9. MARKETING

9.1. We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising. We have established the following personal data control mechanisms;

9.2. Promotional offers from us: We may use your identity, contact, technical, usage and profile data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant to you. You will receive marketing communication from us if you have requested information or used our products and services and not opted out of receiving such information.

9.3. Third-party marketing: we may share your Personal Data with any third party for marketing purposes where we believe that the marketing information from such third parties will be relevant to you and where we have obtained your prior consent.

10. OPTING OUT

10.1. You can ask us or third parties to stop sending you marketing messages at any time by writing to us or logging into the relevant website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by contacting us at any time through the provided contacts.

10.2. Where you opt-out of receiving these marketing messages, this will not apply to Personal Data provided to us as a result of product or service subscribed to, warranty registration, product or service experience or other transactions.

11. ACCESS TO AND UPDATING YOUR INFORMATION

11.1.       If you believe that our records contain inaccurate or incomplete information about you, please visit any of our branch outlets to make the necessary amendments. Some changes will only be made once the necessary supporting documentation has been obtained. We will take reasonable steps to investigate your concerns and correct inaccurate information in a timely manner.

12. SAFEGUARDING AND PROTECTION OF INFORMATION

12.1. The company has put in place technical and operational measures to ensure integrity and confidentiality of your data via controls around: access control, physical and environmental security and monitoring and compliance;

12.2. We will only retain your Personal Data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

12.3. By law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for a minimum of seven years after they cease being customers. Our internal policy as amended from time to time may also require us to keep customer data for a longer period.

12.4. In some circumstances, we will anonymize your Personal Data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

13. YOUR RIGHTS

13.1. Subject to legal and contractual exceptions, you have rights under data protection laws in relation to your personal data. These are listed below: –

13.1.1. Right to be informed that we are collecting personal data about you;

13.1.2. Right to access personal data that we hold about you and request for information about how we process it;

13.1.3. Right to request that we correct your personal data where it is inaccurate or incomplete;

13.1.4. Right to request that we erase your personal data noting that we may continue to retain your information if obligated by the law or entitled to do so;

13.1.5. Right to object and withdraw your consent to processing of your personal data. We may continue to process if we have a legitimate or legal reason to do so;

13.1.6. Right to request restricted processing of your personal data noting that we may be entitled or legally obligated to continue processing your data and refuse your request;

If you wish to exercise any of the rights set out above, please contact us on info@zazipay.com

13.2. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

13.2. We may also contact you to ask you for further information in relation to your request to speed up our response.

13.3. We try to respond to all legitimate requests within reasonable time. Occasionally it could take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

14. HOW TO CONTACT US

If you would like to contact us on any topics in this privacy policy, you can email us on info@zazipay.com or submit a request via our digital platforms. Our contact details as a Data Controller are as follows:

• Legal Manager
• Zazipay International Limited
• P.O Box 21798-00100 Nairobi
• Tel: +254 700 222 324
• https://www.zazipay.com

15. RIGHT TO LODGE COMPLAINT

You have the right to lodge a complaint with the relevant supervisory authority that is tasked with personal data protection within the republic of Kenya

16. CHANGES TO THIS PRIVACY POLICY

A copy of this policy can be downloaded here https://www.zazipay.com/ We may modify or update this policy from time to time. Where the changes will have a fundamental impact on the nature of the processing of your data or your rights, we shall notify you in advance.

By enrolling for our services or entering into any contractual arrangements with us, you confirm that you have read, understood and accepted to be bound by the terms and conditions of this Privacy Policy.

Last Updated; 10^th September 2021.