Privacy Policy

Introduction

We value our customer’s confidence, and protecting your right to privacy is important to us. This Privacy Policy details the systems, procedures, and checks that protect and govern the manner in which Girls First Finance ("GFF") collects, uses, maintains, and shares information about visitors to our mobile application (the "App").

As a user, you agree to the terms, conditions, and adherence to the statutory and regulatory policies and restrictions that govern the use of the App, thus constituting a legal agreement between you and GFF. We may change, suspend, or discontinue any feature of this App, at any time, including the availability of any feature, database, or content therein. IF YOU DO NOT AGREE TO ABIDE BY THIS POLICY, DO NOT USE THIS APP. YOUR CONTINUED USE OF THIS APP FOLLOWING THE POSTING OF ANY CHANGES TO THIS POLICY CONSTITUTES YOUR ACCEPTANCE OF SUCH CHANGES.

Your personal information is processed by or on behalf of the data controller, located at Amazon AWS, Ashburn Data Center, located at 21155 Smith Switch Road, Ashburn, VA, USA

Information We Collect

On visiting or using our mobile or web application, you will be prompted to accept GFF’s collection of profile information, usage information, and location. Specifically, we may collect the following information about you:

Personal Information Collected	Examples
Profile information	Your name (including any nickname or alias you have used), bio, date of birth, social media handles (e.g., Instagram, LinkedIn, Twitter, Facebook, Tik Tok), website, hashtags, and profile picture. Apart from name, hashtags, and profile picture, all other information can be made public or kept private, per the user’s preference.
Contact information	Email, phone number, address (city/state/country is visible to others by default. All other information can be public or private, per the user’s preference.
Professional information	Employer’s name, office address, and business email can be made public or kept private, per the user’s preference.
App activity	Shows you a summary of activity for the services you have accessed on the app
Geolocation data	You may set the default location for app services and to decide the push notifications you wish to receive; push notifications for Land A Loan, Budget Buster, Crew Captain, Gig Gladiator, Resume Rocker, and Opportunity Oasis will be automatic.
Payment information	Debit card, Credit card, Paypal, M-Pesa, purchase history, subscription history
Sensitive information	Artemis, Sticky Situation, Wellness Warrior

Disclosure of Personal Information - Primary and Third Party Accessibility

GFF shall use the personal information that we collect about you for the following purposes:

To respond to your requests for information.
To better understand the general usage of the App and to improve the App and/or our products and services.
For internal business purposes, such as auditing, data analytics, and research, create, develop, operate, deliver, and improve our App and/or services, products, and communications.
To underwrite the loans applied for by yourself, through the app.
To advocate, on your behalf, for better safeguarding and empowerment support from governments and NGOs.
Any other statutory or regulatory disclosures that apply to your country, at the time

GFF may also share your personal information in a limited number of circumstances -

With third-party vendors or partners of GFF engaged to enhance the App, services, and/or GFF’s product line.
In response to a subpoena, court order, judicial process, or regulatory inquiry.
To protect or defend against fraud, lawsuits, claims, or other liabilities.
To protect the security of GFF’s systems, rights, lien, or intellectual property.
In connection with a proposed sale, merger, or transfer of all or a portion of GFF’s business.
To otherwise assist GFF in providing services and/or products to the segment of customers.
To distribute publications, newsletters, or other information that may be useful to you.

General Data Protection Rules (GDPR) Compliance

In compliance with the General Data Protection Rules, we have positively applied the recommendation that the GFF app should provide the ability to remove user profile data. The GFF application is a financial service assistance program that provides loans to a target segment. As such, GFF reserves the right to protect its interests and the data that can affect a credit decision. It chooses to maintain financial-related account data securely within the system. A user may deactivate the account, without the option to retrieve the password or log in after using the deactivated account’s credentials, such as the user name/email. GFF will maintain these accounts for the mandated period.

Fields/services covered under GDPR

Loan Ledger - any active/foreclosed loans shall be stored with GFF’s Data Center.
Chat Messages - peer-to-peer, encrypted messaging through the app will be stored with GFF’s Data Center.
Budget Buster - Transaction history will be automatically saved and backed up to GFF’s Data Center.

Cross-Border Transfers

If the need arises, owing to wars, natural calamities, or Acts of God, we may transfer your personal information to a third-party server located in a jurisdiction other than your home country. Such transfer may also necessitate the transfer to countries that have not been deemed to have an adequate level of protection for the rights and freedoms of data subjects. If we transfer your personal information to another jurisdiction, we shall maintain the highest confidentiality after following due diligence. The third party is subject to reasonable checks, contractual agreements, and a bonafide, authorized licensee for the same in the country of operation. GFF shall take suitable precautions to impose contractual obligations, to ensure appropriate technical and organizational measures are implemented. GFF shall provide complete contractual protection to its users and the following data. GFF shall also ensure that any breach, lapse, or deliberate misuse of the database shall be punishable, through civil as well as criminal remedies, as applicable. GFF shall exercise prudential discretion to ensure vetting of such vendors to prevent any unauthorized access, processing, loss, damage, or destruction of the data, consistent with our obligations, under applicable data protection laws.

Information Security and Data Retention

GFF values your trust and expects to safeguard its own data and the data held by it, on behalf of the users, with utmost diligence. In keeping with our commitment to our users, we have implemented stringent physical, electronic, and procedural safeguards to ensure compliance with the extant data protection laws that safeguard your personal information. Our processes align with statutory mandates, and we only keep your personal information for as long as necessary, per our GDPR rules, and in compliance with the statutory and regulatory framework.

We restrict in-house access to your personal information on a need-to-know basis. Having satisfied the statutory record-keeping directive, we will delete and/or destroy the information held by us, on your account, as per the applicable data destruction policies.

Your Choices and Rights

Depending on your country of residence, certain rights may be exercised by you, governed by the applicable data protection laws. Under certain circumstances, you have the right to

Be informed of the use of your personal information;
Access your personal data, in the custody of GFF;
Object to the processing of all or part of your personal data;
Rectification of false or misleading data about you; and
Deletion of false or misleading data about you.

Links to Other Mobile Applications and Sites

The GFF Kenya App also includes links to other mobile applications and websites, each of which has their own privacy policies. If you submit personal information to any third-party mobile applications or websites, your information is subject to the concerned third party’s privacy policy. We encourage you to read carefully the privacy policy of any mobile application or website you visit.

Children

We do not knowingly collect personal information from children under 18 through our App. If you are under 18, please do not give us any personal information without first seeking parental consent from your parent or legal guardian. We encourage parents and legal guardians to monitor their children’s internet and mobile application usage, which will also help enforce our Privacy Policy. Parents and guardians must instruct their children never to provide us with personal information. If you have reasonable cause to believe that a child under the age of 18 has provided personal information to us, kindly contact us through our ____________. We will endeavor to delete that personal information from our databases.

Changes To This Policy

This Policy is effective, as on the date stated, at the top of this Policy. We may change this Policy from time to time. By accessing and using the site, after we notify you of such changes to this Policy, you are deemed to have accepted such changes and undertake to comply with our guidelines. Please refer to this Policy on a regular basis.

Contact Us

If you have questions regarding this Policy, please direct such questions to: info@girlsfirstfinance.com

Suppose you are located in the United Kingdom or European Economic Area ("EEA") and believe we have not adequately resolved any issues through this policy. In that case, you may contact the Supervisory Authority concerned.