1.1 Finsprint Limited (“Finsprint”), a is a Kenyan licensed data controller responsible for processing your data when you download and use the Finsprint mobile application (“Finsprint App”) hosted on the Google Play Store or when you access our Services through other Channels.
1.2 Finsprint may also act as a data processor for a data controller with whom you have a contractual relationship. In such instances, Finsprint will act in accordance with the instructions given by the data controller.
1.3 If you have any questions about this Privacy Notice, please contact us via email at info@Finsprint.com
1.4 Please read this Privacy Notice and our Privacy Policy carefully to understand our practices regarding your personal data in accordance with the Data Protection Act, 2019. By expressing your acceptance of the terms of this Privacy Notice and our Privacy Policy (through the Finsprint App, or other Channels ), you accept and understand that your personal data will be processed in accordance with this Privacy Notice and our Privacy Policy.
1.5 Finsprint’s Services are not intended for children, and we do not knowingly collect data relating to children.
2.1 “Channels” means any system or medium (including the Finsprint App, Unstructured Supplementary Service Data (USSD) and web whether internet based, mobile device based or not), which may be established by Finsprint from time to time to enable you to access and utilise one or more of the Services.
2.2 “Children” means individuals below the age of eighteen (18) years.
2.3 “Consent” means an express, unequivocal, free, specific, and informed indication of your wishes by a statement or by a clear affirmative action.
2.4 “Customer” or “User” means any individual within the Republic of Kenya to which Finsprint provides its Services.
2.5 “Personal data” means any information relating to an identified or identifiable individual, which shall include Sensitive personal data.
2.6 “Sensitive personal data” means personal data about an individual’s race, health status, ethnic social origin, conscience, belief, genetic data, biometric data, property details, marital status, family details including names of the individual’s child(ren), parent(s), spouse(s), or the individual’s sex or the sexual orientation.
2.7 “Services” refers to the financial products and features provided by Finsprint to Customers through the Finsprint App, through its partner channels, or through other Channels.
2.8 “We”, “Our” and “Us” refer to Finsprint.
3.1 Finsprint will collect personal data from you as you use our Services. This includes the following:
3.2 We also may collect other information about you, your device, and your use of the App or Channels in ways that we describe to you at the time of collection.
3.3 We process your personal data from the following sources:
3.4 If you fail to provide or withhold any or all of the personal data that Finsprint requests, we may be unable to provide you with our Services.
4.1 We will only process your personal data when we have a lawful basis to do so. In most instances, we will process your personal data under one of the following circumstances:
Purpose/activity | Type of data | Lawful basis for processing |
To install the Finsprint App or Channel set up and register you as a new App or Channel user | Device Usage Contact | Your consent |
|
Identity Profile Contact Content Network Location Third Party | Performance of a contract with you |
Identity Profile Contact | Compliance with legal obligations | |
|
Location Third Party | Necessary for our legitimate interests (to safeguard the legitimate use of our Services) |
|
Contact Usage Communications Marketing Third Party | Performance of a contract with you Necessary for our legitimate interests (to keep records updated and to analyse how customers use our products/ Services) |
|
Profile Contact Usage Communications Marketing | Your consent Necessary for our legitimate interests (to develop our products/Services and grow our business) |
|
Identity Profile Contact Financial Transaction Device Content Network Usage Communications Marketing Location Third Party | Performance of a contract with you Necessary for our legitimate interests (for running our business) |
|
Identity Profile Contact Financial Transaction Device Content Network Usage | Necessary for our legitimate interests (to maintain Service quality and for the continuous improvement of our Services) |
|
Communications Marketing Location Third Party |
When you consent to providing us with your personal data, we will also ask you for your consent to share your personal data with the third parties set out below for the purposes set out in the table above.
5.1 Internal Third Parties being other companies in the InVenture Capital Corporation Group acting as joint controllers or processors and who are based in locations outside of Kenya and provide system administration and other shared services within the group.
5.2 External Third Parties such as:
5.3 Third parties to whom we may choose to sell, assign, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this Privacy Notice.
5.4 Any other person that we deem legitimately necessary to share the data with, in all cases in compliance with the Data Protection Act, 2019.
6.1 Your personal data collected by Finsprint shall be stored and processed outside of Kenya in a location where Finsprint or its agents maintain facilities, including the use of cloud storage and cloud computing technology.
6.2 Whenever we transfer your personal data outside of Kenya, we ensure a similar degree of protection is afforded to it by ensuring adequate safeguards are implemented. We ensure your personal data is protected by requiring all our group companies, personnel, and agents to follow the same rules when processing your personal data.
We use automated processing to determine your eligibility for our Services based on the personal data that we collect. Our fraud prevention and data models utilise data science and machine-learning technology with little to no human intervention and are regularly tested to ensure they remain fair, accurate, and unbiased. You may object to the automated processing of your personal data, but doing so will prevent us from providing you with our Services. If you wish to request a reconsideration of an automated decision, you may contact us via email at info@Finsprint.io. Please note that human intervention does not guarantee that the automated decision will be overturned
8.1 Finsprint implements an Information Security Management System to maintain the confidentiality, integrity, and availability of Finsprint’s information resources, in keeping with our commitments, industry standards and global best practices. You may refer to our Privacy Policy for further details on the data governance and security measures that we implement.
8.2 Where you have chosen or have been given a password, PIN or OTP code that enables you to access certain parts of the Finsprint App or Channels portal, you are responsible for keeping this password, PIN or OTP code confidential. Never share this password, PIN or OTP code with anyone. Finsprint will never ask you to provide us with your password PIN or OTP code.
8.3 We have put in place procedures to deal with any suspected breach of personal data and will notify you and any applicable regulatory authority when we are legally required to do so.
9.1 Being a registered reporting institution under the Proceeds of Crime and Anti-Money Laundering Act, as amended (POCAMLA), Finsprint has the obligation to retain certain records for a period of at least seven (7) years or such longer period as the FRC may require, from the date of the relevant transaction or following the termination of an account or business relationship with Finsprint. To ensure Finsprint’s ability to comply with this obligation, Finsprint will retain relevant personal data associated with your account for a period of ten (10) years from the date of the closure of your Finsprint account.
9.2 In some circumstances, such as when you have no outstanding credit balance with Finsprint, you can ask us to close your Finsprint account and delete the associated personal data (subject to Finsprint’s record retention obligations under the POCAMLA as mentioned above): see the section on Your Data Subject Rights below for further information.
9.3 In some circumstances we will anonymise your information such that it will no longer constitute personal data. In such cases we may use anonymised information for whatever legitimate purpose without further notice to you.
10.1 As a data subject, you have the following rights in relation to your personal data:
10.2 You may request that we restrict the processing of your personal data in the following circumstances:
10.2.1 where need to verify the accuracy of data that you are contesting;
10.2.2 where our use of the data is unlawful but you do not want us to erase it;
10.2.3 where the purpose of the processing has been achieved, but the we need your personal data to establish, exercise or defend legal claims;
10.2.4 you have objected to our use of your data but we need to determine whether we have overriding legitimate grounds to use it.
10.3 You have the right to object to the processing of your personal data for direct marketing purposes, and you can opt out of direct marketing communications by asking us not to send you direct marketing messages.
10.4 You may withhold or withdraw your consent in cases where we rely on your consent as the lawful basis for processing of your Personal Data. Doing so may prevent us from providing you with our Services.
10.5 You or your authorised representative can exercise any of these rights at any time, subject to our verification and review, by contacting us via email at hellokenya@Finsprintmobile.com or dpo@Finsprint.co.ke.
11.1 We keep this Privacy Notice under regular review. Changes to this Privacy Notice will be posted on this page and, where appropriate, notified to you through either the Finsprint App or Channels, Website email, or SMS.
11.2 It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship with you.
Our Services may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. Please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services. Please check these policies before you submit any personal data to these websites or use these services.