Privacy Policy Africa & UK

Purpose

Chipper Technologies (UK) LTD and affiliated subsidiaries of Critical Ideas, Inc. (“we” or “us” or “our”) respect the privacy of our users (“user” or “you”). We’ll be the controller of the information you provide to us. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our mobile application (the “Application”). Please read this Privacy Policy carefully. Please note that we reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes via in Application notifications. You are encouraged to periodically review this Privacy Policy to stay informed of updates. This Privacy Policy does not apply to the third-party online/mobile store from which you install the Application or make payments, including any in-game virtual items, which may also collect and use data about you. We are not responsible for any of the data collected by any such third party.

Effective Date

Upon Issuance.

A. Collection of Your Information

We may collect information about you in a variety of ways. The information we may collect via the Application depends on the service you use and includes:

I. Personal Data

Demographic and other personally identifiable information (such as your name and email address) that you voluntarily give to us when choosing to participate in various activities related to the Application, such as chat, posting messages in comment sections or in our forums, liking posts, sending feedback, and responding to surveys. If you choose to share data about yourself via your profile, online chat, or other interactive areas of the Application, please be advised that all data you disclose in these areas is public and your data will be accessible to anyone who accesses the Application. We may also collect information related to your national identification card number and require a self-portrait to verify your identity as per the requirements of Anti-Money Laundering and Counter-Terrorism Financing legislation. That information along with other personally identifying information about you will be shared internally and may also be shared externally with our compliance, banking, aggregation and product offering partners that undertake automated review of your information: (i) against relevant government maintained sanctions lists and lists of politically exposed persons, (ii) for purposes of facial recognition against government provided identification documents, (iii) for accuracy against national databases, (iv) for confirming your identity against other relevant databases such as those maintained by companies providing credit reports, and (v) for the purpose of monitoring transactions for fraudulent and other illegal activities.

II. Derivative Data

The information our servers automatically collect when you access the Application, such as your native actions that are integral to the Application, as well as other interactions with the Application and other users via server log files.

III. Financial Data

Financial information, such as data related to your mobile money account and payment method that we may collect when you purchase, order, return, exchange, or request information about our services from the Application. Please note that we store only very limited, if any, financial information that we collect in line with regulatory requirements for safeguarding such information. Otherwise, all financial information is stored by our payment processor.

IV. Mobile Device Access

We may request access or permission to certain features from your mobile device, including your mobile device’s camera (for the purpose of “selfies” used for identification verification), contacts (for the purpose of engaging contacts to join you on the Application), SMS messages (which we may use in the future to simplify your login to the Application), storage (for storing your profile picture for the Application), and potentially GPS (for anti-fraud, Application security purposes) and other features. If you wish to change our access or permissions, you may do so in your device’s settings. It should be noted that like other Applications, we will have access to your device fingerprint which identifies the specific device used for the Application.

V. Mobile Device Data

Information such as your mobile device ID number, model, and manufacturer, version of your operating system, phone number, country, location, and any other data you choose to provide.

VI. Push Notifications

We may request to send you push notifications regarding your account or the Application. If you wish to opt out from receiving these types of communications, you may turn them off in the application under the settings tab.

VII. Third Party Data

Information from third parties, such as personal information or network friends, if you connect your account to the third party and grant the Application permission to access this information.

VIII. Data from Contests, Giveaways, and Surveys

Personal and other information you may provide when entering contests or giveaways and/or responding to surveys.

B. Use of Your Information

I. Legal Basis for Using Your Personal Information

Under data protection law, we can only use your personal information if we have a proper reason for doing so. In order to use your personal information, we rely on the following legal bases:

  • processing is necessary for us to be able to provide our products and services to you in accordance with our Terms of Use;
  • processing is necessary to comply with our legal obligations;
  • processing is necessary for the purposes of legitimate business interests pursued by us (see more details below); and
  • you have provided consent to the processing of your personal data for a specific purpose.

II. How We Use Your Information

Having accurate information about you permits us to provide you with a smooth, efficient, and customized experience. Specifically, we may use information collected about you via the Application to:

  • Create and manage your account.
  • Compile anonymous statistical data and analysis for use internally or with third parties.
  • Deliver targeted advertising, coupons, newsletters, and other information regarding promotions and the Application to you.
  • Email you regarding your account.
  • Enable user-to-user communications.
  • Fulfill and manage transactions related to the Application.
  • Generate a personal profile about you to make future visits to the Application more personalized.
  • Increase the efficiency and operation of the Application.
  • Monitor and analyze usage and trends to improve your experience with the Application.
  • Notify you of updates to the Application.
  • Offer new products, services, mobile applications, and/or recommendations to you.
  • Perform other business activities as needed.
  • Authenticate your information for the purposes of performing anti-fraud, anti-terrorism and other safety and security reviews.
  • Prevent fraudulent transactions, monitor against theft, and protect against criminal activity.
  • Process payments and refunds.
  • Request feedback and contact you about your use of the Application.
  • Resolve disputes and troubleshoot problems.
  • Respond to product and customer service requests.
  • Send you a newsletter.
  • Solicit support for the Application.

III. Automated Decision Making

We use an automated decision making system to determine whether a user has provided appropriate authentication to engage with the application, including verification of personally identifiable information (“PII”). This includes: (i) matching PII against national databases, publicly available information, sanctions lists, lists of politically exposed persons and other databases that provide information on potentially illegal activity; (ii) comparison by facial recognition of your selfie image against the image provide with your identification document or other database containing your image; and (iii) tracking your PII in the context of automated monitoring of transactions undertaken by you to look for potentially fraudulent or illegal activity. In the event that we receive an automated report that there is a discrepancy, insufficiency or inaccuracy in the information provided by you, we receive a response from a service provider that your information appears on a list that prohibits our engaging with you, suggests the potential for fraudulent or illegal activity, or if our automated transaction monitoring uncovers the potential for your transactions to be fraudulent or illegal, our compliance and customer service teams will engage to review the background information that generated the automated response and determine if the information provided about you is incorrect and we can proceed to either onboard you as a user or continue to allow your use of the Application and if there are still a need for additional information, we may contact you (most likely via SMS message or email) to seek additional information or clarification. If we are unable to continue with you as a user on our platform, we may provide you with the basis for the decision.

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal consequences for you or similarly significant effects. While we’re confident that the technology works, we understand that not everyone is comfortable with decisions being left entirely up to machines.

You have the right to object to an automated decision and ask that a person reviews it and/or to ask that we do not make our decision based on the automated score alone. If you want to know more about these rights or have any questions about our automated decision making processes, please contact us on using the details at the end of this Privacy Policy.

C. Disclosure of Your Information

We may share information we have collected about you in certain situations. At no time will our database of users ever be sold to any entity for the purpose of marketing or mailing lists.

Your information may be disclosed as follows:

I. By Law or To Protect Rights

If we believe the release of information about you is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share your information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for financial regulation, fraud protection, prevention of terrorism, anti-corruption, money laundering, and credit risk reduction including but not limited to:

  • government-provided to companies like CSI (www.csiweb.com) and Dow Jones (www.dowjones.com) for the purpose of reviewing your information against relevant government-maintained sanctions lists, lists of politically exposed persons, and persons of special interest (adverse media),
  • to companies like Smile Identity (www.smileidentity.com) and Onfido (www.onfido.com) for purposes of facial recognition against government-provided identification documents and/or for confirming accuracy against national databases,
  • to companies like Idology (www.Idology.com), Trulioo (www.trulioo.com), and Experian (wwww.Experian.com) for confirming your identity against other relevant databases such as those maintained by companies providing credit reports,
  • to companies like Unit 21 (www.unit21.ai) for the purpose of monitoring transactions for potentially fraudulent and illegal activities;
  • The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found in (https://www.railsbank.com/privacypolicy) and,
  • to banking partners, aggregators, product and service-providing partners, and others for the purpose of their independent performance of the activities set forth in subsections (i)-(iv) immediately above.
  • The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by (LINK TO PAYRNET FPN).

II. Third-Party Service Providers

We may share your information with third parties that perform services for us or on our behalf, including payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance.

III. Marketing Communications

Where it is necessary for our legitimate business interests, we may use your personal data to promote our products or services to you. Where you have provided your consent, we may also share your information with third parties for marketing purposes, as permitted by law. You may withdraw your consent to receive marketing messages at any time by setting your preferences in the Application settings, or by following the opt-out link contained in our marketing emails.

IV. Interactions with Other Users

If you interact with other users of the Application, those users may see your name, profile photo, and descriptions of your activity, including sending invitations to other users, chatting with other users, liking posts, following blogs.

V. Third-Party Advertisers

We may use third-party advertising companies to serve ads when you visit the Application. These companies may use information about your visits to the Application and other websites that are contained in web cookies in order to provide advertisements about goods and services of interest to you.

VI. Affiliates

We may share your information with our affiliates. Affiliates include our parent company (Critical Ideas Inc.) and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us including

  • Ghana - Critical Ideas Inc. Ltd
  • Kenya - Chipper Technologies Kenya Ltd
  • Mauritius - Chipper Technologies Mauritius Ltd
  • Nigeria - Voyse Technologies Nigeria Ltd
  • Rwanda - Chipper Technologies Rwanda Ltd
  • Tanzania - Chipper Cash Technologies Tanzania Ltd
  • Uganda - Chipper Technologies Uganda Ltd

VII. Business Partners

With your consent, we may share your information with our business partners to offer you certain products, services or promotions.

VIII. Other Third Parties

We may share your information with advertisers and investors for the purpose of conducting general business analysis.

IX. Sale or Bankruptcy

If we reorganize or sell all or a portion of our assets, undergo a merger, or are acquired by another entity, we may transfer your information to the successor entity. If we go out of business or enter bankruptcy, your information would be an asset transferred or acquired by a third party. You acknowledge that such transfers may occur and that the transferee may decline honor commitments we made in this Privacy Policy.

We are not responsible for the actions of third parties with whom you share personal or sensitive data, and we have no authority to manage or control third-party solicitations. If you no longer wish to receive correspondence, emails or other communications from third parties, you are responsible for contacting the third party directly.

D. Transferring Your Personal Information Out of the UK or EEA

It is sometimes necessary for us to share your Personal Information outside the UK or European Economic Area (EEA). These transfers are subject to special rules under European and UK data protection law. Not all non-EEA countries have the same data protection laws as the UK and EEA. We will, however, ensure the transfer complies with data protection law and all personal information will be secure. Under the data protection law it is also necessary to make these safeguards available to data subjects if they request.

If you would like further information please contact us (see ‘Contact Us’ below).

E. Security of Your Information

We use administrative, technical, and physical security measures to help protect your personal information. While we have taken reasonable steps to secure the personal information you provide to us, please be aware that despite our efforts, no security measures are perfect or impenetrable, and no method of data transmission can be guaranteed against any interception or other type of misuse. Any information disclosed online is vulnerable to interception and misuse by unauthorized parties. Therefore, we cannot guarantee complete security if you provide personal information.

Policy for Children

If you no longer wish to receive correspondence, emails, or other communications from us, you may opt-out by:

  • Noting your preferences at the time you register your account with the Application
  • Logging into your account settings and updating your preferences.
  • Contacting us using the contact information provided below

If you no longer wish to receive correspondence, emails, or other communications from third parties, you are responsible for contacting the third party directly.

G. Your Rights

Under data protection law, you have a number of rights when it comes to your personal data:

I. The Right to be Informed

You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we’re providing you with the information in this Privacy Policy.

II. The Right of Access

You have the right to obtain a copy of your information that we hold, and certain other information (similar to that provided in this Privacy Policy).

III. The Right of Rectification

You are entitled to have your information corrected if it’s inaccurate or incomplete.

IV. The Right to Erasure

This is also known as ‘the right to be forgotten’ and, in simple terms, enables you to request the deletion or removal of your information where there’s no compelling reason for us to keep using it. This is not a general right to erasure; there are exceptions.

V. The Right to Restrict Processing

You have rights to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.

VI. The Right to Data Portability

You have rights to obtain and reuse your personal data for your own purposes across different services.

VII. The Right to Object to Processing

You have the right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).

VIII. The Right to Lodge a Complaint

You have the right to lodge a complaint about the way we handle or process your personal data with your national data protection regulator. The national data protection regulator in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns or telephone: 0303 123 1113.

IX. The Right to Withdraw Consent

If you have given your consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.

H. How Long Will We Keep Your Personal Information

We will keep your personal information while we are providing products and services to you. Thereafter, we will keep your personal information for as long as is necessary:

  • to respond to any questions, complaints or claims made by you or on your behalf;
  • to show that we treated you fairly; and
  • to keep records required by law.

We will not retain your personal information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information. Further details on this are available on request using the contact details set out below.

When it is no longer necessary to retain your personal information, we will delete or shred it as necessary.

Record Retention

Records regarding this procedure must be maintained in accordance with Chipper Cash’s Data Retention Policy or as required by local or country regulations, whichever is longer.

Periodic Testing

Periodic testing on a risk-based frequency of the requirements of this procedure and testing criteria are determined under the AML Policy, in accordance with its requirements, and may include testing on systems upon which these controls are reliant.

Contact Us

Our users' privacy is very important to us. We are committed to safeguarding the information entrusted to us and will continually update this policy to ensure that users’ rights with regards to personal information are respected. If you have questions or comments about this Privacy Policy, please contact us at support@chippercash.com.