1. Introduction
Welcome to FinFlo. We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how FinFlo collects, uses, discloses, and safeguards your information when you use our mobile applications and services.
2. Information We Collect
2.1 Personal Information
When you register and use FinFlo services, we collect:
- Identity Information: Full name, phone number, email address, date of birth
- KYC/KYB Documents: National ID, passport, proof of address, business documents
- Financial Information: Transaction history, wallet balance, bank details, credit score
- Device Information: Device ID, model, OS version, IP address
- Location Information: Approximate location for finding nearby agents
2.2 Transaction Information
We collect details about your transactions including payment amounts, recipients, timestamps, and transaction types (P2P, C2B, A2C, A2M, SERVICE, etc.).
2.3 Usage Information
We automatically collect app usage patterns, features accessed, error logs, and performance data.
3. How We Use Your Information
- Service Provision: Account management, transaction processing, customer support
- Security & Fraud Prevention: Identity authentication, fraud detection, regulatory compliance
- Communication: Transaction notifications, service updates, marketing (with consent)
- Service Improvement: Analytics, feature development, bug fixes
- Legal Compliance: Regulatory requirements, legal requests, terms enforcement
4. Information Sharing and Disclosure
We may share your information with:
- Service Providers: Payment processors (GMPay), cloud services, analytics, SMS/email providers
- Financial Institutions: Banks and mobile money operators for transactions
- Legal Requirements: Court orders, government requests, regulatory investigations
- Business Transfers: In case of merger, acquisition, or asset sale
5. Data Security
🔒 Technical Safeguards
- Encryption: SSL/TLS for data transmission, encrypted database storage
- PIN Protection: Hashed PINs, never stored in plain text
- Biometric Authentication: Fingerprint and face recognition support
- Token-Based Authentication: Secure JWT tokens for API access
6. Data Retention
We retain your personal information as long as necessary to provide services and comply with legal obligations.
7. Your Rights and Choices
- Access & Portability: Request access to your personal information and data export
- Correction: Update personal information through app settings
- Deletion: Request account and data deletion (subject to legal requirements)
- Opt-Out: Disable marketing communications and push notifications
- Withdraw Consent: Revoke consent for data processing
8. Children's Privacy
9. Biometric Data
If you enable biometric authentication, your biometric data is stored securely on your device only and is never transmitted to our servers.
10. Regulatory Compliance
FinFlo operates in compliance with:
- Data Protection Act of Uganda (2019)
- Anti-Money Laundering (AML) regulations
- Know Your Customer (KYC) requirements
- Financial services regulations
11. Changes to This Privacy Policy
We may update this policy from time to time. We'll notify you of material changes through the app and by updating the effective date. Your continued use constitutes acceptance of the updated policy.