Privacy Policy

Stawika Capital Limited and its affiliates (“We” or “us” or “our”) respect the privacy of our users (“user” or “you”). We shall be the data controller of the information you provide to us. This Privacy Policy together with our Terms and Conditions and any additional terms of use applies to your use of:

  1. Stawika mobile application software (“App”) available on our site OR hosted on the Google Play Store (“App Site”), once you have downloaded or streamed a copy of the App onto your mobile device (“Device).
  2. Any of the services accessible through the App (“Services”) or those available on the App Site or other sites of ours or other third-party sites (“Service Sites”).

This Privacy Policy sets out the basis on which any personal data we collect from you, or that you provide to us will be processed by us. It explains how we collect, use, disclose and safeguard information when you visit our App. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By downloading the App, you confirm that you have read, understood and accepted the terms of this Policy set out hereunder. You also consent to the collection, use, storage, processing and disclosure of your personal information in the manner set out in this Policy. Please note that we reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes via the App notifications. You are encouraged to periodically review this Privacy Policy to stay informed of updates.

  1. COLLECTION OF INFORMATION

We may collect and process the following data about you.

  1. Information you submit to us.

This may include information:

  • Provided by filling forms in the App or on the App Site;
  • Provided by corresponding with us (for example by email or chat);
  • Provided by registering to use the App Site, downloading or registering the App, subscribing to any of our Services (such as applying for a loan), searching for an app or service, sharing data via the App’s social media functions, entering a competition, promotion or survey, and reporting a problem with the App, our App Site or any of our Service Sites; and
  • Including your name, address, email address and phone number, the Device’s phone number, SIM card details, age, username, password and other registration information, financial and credit information, personal description and photograph.

 

  1. Information we collect about you and your device.

Each time you visit one of our Sites or use our App, the information we may collect includes but is not limited to the following:

  • Technical information including the type of mobile device you use, unique device identifiers (for example, your Device’s IMEI or serial number), information about the SIM card used by the Device, mobile network information, your Device’s operating system, the type of browser you use, or your Device’s location and time zone setting (“Device Information”);
  • Information stored on your Device including contact lists, call logs, SMS logs, contact lists from other social media accounts, photos, videos or other digital content (“Content Information”);
  • Details of your use of any of our Apps or your visits to any of our Sites including but not limited to traffic data, weblogs and other communication data (“Log Information”).

 

  • Location information.

We may also use GPS technology OR other location services to determine your current location.

  1. Information we receive from other sources.

Due to the nature of Services we provide, we reserve the right to work with a limited number of third parties (including mobile network providers and collection agencies) and may receive information about you from them.

  1. Unique application numbers.

When you install or uninstall a Service containing a unique application number or when such a Service searches for automatic updates, that number and information about your installation, for example, the type of operating system may be sent to us.

  1. Push notifications.

We may occasionally send you push notifications through our App to send you marketing messages and other Service or transaction-related notifications that may be of importance to you. You may at any time opt-out from receiving these types of communications by turning them off at the device level through your settings or through the App settings.

  • Tracking and cookies.

We and our third party providers, including our marketing partners and analytics providers may use mobile tracking technologies and/or website cookies to distinguish you from other users of the App or App Site. This helps us to provide you with a good experience when you use the App or browse any of the sites and also allows us to improve the App and our Sites.

  • Log Information.

As is true of most websites, we gather certain information automatically and store it in log files. This information may include your internet protocol (IP) address, browser type, internet service provider (ISP), referring/exit pages, operating system, data/time stamp, and/or clickstream data. From time to time, we may combine this automatically collected data to other information we collect about you for reasons such as analysis, security, content generation or marketing.

  1. Data Analytics.

We may use the analytics tools and software in order to develop and analyze use of the Service. Analytics companies may access anonymous individual data to help us understand how the Service is used. We may link the information we store within the analytics software to any Personal Information you submit within the mobile applications.

*By uninstalling the App from your Device, you can withdraw consent from accessing your Customer Information/personal data in the future. We may keep and share previously stored Customer Information after the point of uninstall for as long as necessary for the fulfillment of the purposes for which the Customer Information was obtained or for the establishment, exercise or defense of legal claims, or for legitimate business purposes, or as permitted by law.

  1. USE OF YOUR INFORMATION

We collect Customer Information and/or personal data from you for the following purposes, including but not limited to (“Purposes”):

  1. Create and manage your account;
  2. Process your transactions;
  • Verify your identity;
  1. Disburse loans and collect payments for your use of the Service;
  2. Build the credit models and perform credit scoring;
  3. Analyze consumer behavior and generate a personal profile about you to make future visits to the App more personalized;
  • Compile anonymous statistical data and analysis for use internally or with third parties;
  • Allow our partners to fulfill their obligations to you;
  1. Allow us to fulfill our obligations to our partners;
  2. Resolve disputes or troubleshoot problems with the Service;
  3. Comply with applicable laws, financial service rules and regulations such as those relating to Know-Your-Customer, Anti-Money Laundering and Counter-Terrorist Financing requirements;
  • Detect and prevent fraud and other illegal uses of the Service;
  • Send you marketing notices, service updates and promotional offers;
  • Contact you by telephone using auto-dialed or pre-recorded message, calls or text (SMS) messages (if applicable) as authorized for the purposes described in this Privacy Policy.

 

  1. DISCLOSURE OF YOUR INFORMATION

By using our Service, you agree that we may, as necessary and appropriate for the Purposes, transfer and disclose any Customer Information and/or personal data to the following recipients globally (who may process, transfer and disclose such Customer Information for the Purposes):

  1. Any member of Stawika and its affiliates (including directors, officers and employees), sub-contractors, agents and service providers;
  2. Persons acting on your behalf, payment recipients, beneficiaries, account nominees, intermediary, correspondent and agent banks, clearing houses, clearing or settlement systems, market counterparties, upstream withholding agents, swap or trade repositories, stock exchanges, companies in which you have an interest in securities (where such securities are held by us for you);
  • Any financial institution or credit reference agencies for purposes of obtaining credit references;
  1. Any party in connection with a proposed business transfer, disposal, merger or acquisition of Stawika where its customers will be one of the transferred assets, provided that if the jurisdiction of the transacting party does not have data protection laws, such party has provides an adequate level of protection as the jurisdiction in which the Services are supplied;
  2. Third-party service providers under contract with Stawika that assist us with our business operations such as transaction processing, fraud prevention and marketing. We undertake to share your personal information with these companies only as necessary to provide you with our Service;
  3. Law enforcement, government officials or other third parties, but only (i) in connection with a formal request, discovery, court order or similar legal procedure, (ii) when we believe in good faith that disclosure in necessary to comply with the law, prevent physical harm or financial loss, report suspected illegal activity or to investigate violations of our Terms and Conditions; or
  • Any other legal permissible purpose.

 

  1. YOUR PERSONAL DATA RIGHTS

Under the Data Protection Act of Kenya, 2019, you have a number of rights when it comes to your personal data:

  1. The Right to be Informed

You have the right to be provided with clear, transparent and easily understandable information about how we use your personal information and your rights. This is why we are providing you with the information in this Privacy Policy.

  1. The Right or Access

You have the right to obtain a copy of your information that we hold and certain other information (similar to that provided in this Privacy Policy).

  • The Right of Rectification

You are entitled to have your information corrected if it is inaccurate or incomplete.

  1. The Right of Erasure

This is also known as the “right to be forgotten” and, in simple terms, enables you to request the deletion or removal of your information where there is no compelling reason for us to keep using it. This is not a general right to erasure, there are exceptions.

  1. The Right to Restrict Processing

You have the right to ‘block’ or suppress further use of your information. When processing is restricted, we can still store your information, but may not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in future.

  1. The Right to Data Portability

You have the right to obtain and reuse your personal data for your own purposes across different services.

  • The Right to Object Processing

You have the right to object to certain types of processing, including processing based on our legitimate interests and processing for direct marketing (i.e. if you no longer want to be contacted with potential opportunities).

  • The Right to Lodge a Complaint

You have the right to lodge a complaint about the way we handle or process your personal data with the Office of the Data Protection Commissioner of Kenya.

  1. The Right to Withdraw Consent

If you have given consent to anything we do with your personal data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your personal data for marketing purposes.

 

  1. STORAGE OF YOUR PERSONAL INFORMATION

Your Customer Information and/or personal data will generally be stored in Stawika databases and maintained by our trusted service providers. Many of these databases are stored on servers located in Kenya. Stawika takes appropriate measures, by contract or otherwise, to provide adequate protection for personal information that is disclosed to a third party or transferred to another country, including transfers within Stawika. Stawika maintains reasonable safeguards to protect confidentiality, security and integrity of your personal information. Although we use security measures to help protect your personal information against unauthorized disclosure, misuse, or alteration, as in the case with all computer networks lined to the Internet, we cannot guarantee the security of information provided over the Internet and will not be responsible for breaches of security beyond our reasonable control. Stawika shall not be held accountable or legally liable for any data breach, misuse, disclosure or unlawful sharing due to the fault of its users’ failure to protect and secure their username and password or other form of negligence. Any password that has been given to you or chosen by you, for purposes of accessing our Services, should be kept confidential and not shared with any third party.

  1. CONTACT US

Our users’ privacy is of utmost importance to us. We are committed to safeguarding the information entrusted to us and continuously update this Privacy Policy to ensure that users’ rights with regards to personal data are respected. If you have any questions or comments about this Privacy Policy, please contact us at [email protected].