Pesa Mkononi Privacy Policy
Updated: 8 May 2025 · Effective: 8 May 2025
PESA-MKONONI TANZANIA CREDIT LIMITED ("Pesa Mkononi", "we" or "our") is a loan provider authorized to provide loan services. PESA-MKONONI TANZANIA CREDIT LIMITED is a registered loan company authorized by the Central Bank of Tanzania.
Please read this Privacy Policy carefully to ensure that you understand each paragraph. By clicking "Sign Up", agreeing to the Terms and Conditions of Use, or using any of our services, you acknowledge that you have read and understood the terms of this Privacy Policy and the Agreement. This Privacy Policy and all future changes, including the collection and use of your information, are subject to its terms.
This Privacy Policy is intended to explain:
- Who we are and how to contact us
- Your rights in relation to your personal data
- What personal data we collect
- How we use your personal data and why
- Who we share your personal data with
- What information is stored and for how long
- How we protect your personal data
- Child protection
- Changes to this Privacy Policy and changes in the law
This Privacy Policy has been designed to comply with our obligations under the Data Protection Act (DPA), the legal framework that sets out guidelines for the protection and processing of personal information of individuals in Tanzania, or residing outside Tanzania but of Tanzanian origin. Any revisions will be posted on this page and you will be notified through our service channels. If you object to these changes, you may close your account and stop using the Services. Continued use of any Service after notice of changes indicates that you understand and accept the revisions.
1. Who we are and how to contact us
The "Pesa Mkononi - Mikopo ya Pesa" mobile application is owned, operated or controlled by us, together with the content, software, mobile services, financial products and features offered through it (collectively, the "Services"). Pesa Mkononi is a modern financial platform that serves customers anywhere, anytime, through their mobile phones, giving them the best choice and access to financing.
If you have any questions about our practices or this Privacy Policy,
please contact us at:
Email:
support@mkononi.top
2. Your rights regarding your personal information
2.1 Under this Privacy Policy, you have the right to:
- Request access to your personal information — to receive a copy of the personal data we hold about you and confirm we are processing it lawfully.
- Request correction of the personal information we hold — to correct any inaccurate or incomplete information.
- Request erasure of your personal information where we have no legitimate reason to continue processing it.
- Object to processing where we rely on legitimate interests, or where we process your data for direct marketing.
- Request restriction of processing, for example while we verify its accuracy or the reasons for processing it.
- Request portability of your personal data — we will provide your data, to you or another party you choose, in a structured, commonly used and machine-readable format. This applies only to automated data you consented to or that we used to perform a contract with you.
- Withdraw your consent at any time where we rely on consent to process your data. If you withdraw consent, we may be unable to provide certain features of the Services.
2.2 How to exercise your rights
To exercise any of the rights above, please contact us using the details in section 1. You will not normally be required to pay a fee. We may charge a reasonable fee, or refuse to act, where a request is unfounded, repetitive or excessive. We may need to request specific information to verify your identity before responding. We aim to respond to all legitimate requests within one month; complex or multiple requests may take longer, in which case we will keep you informed.
2.3 Complaints
To complain about this Policy or our practices, please contact us at support@mkononi.top. We will respond as quickly as possible. If you feel your complaint has not been handled appropriately, you may lodge a complaint with the relevant supervisory authority.
2.4 Commercial communications
We may send commercial communications from time to time. To stop them or adjust your preferences, follow the opt-out information in any email, turn off notifications in your app settings, or contact us. Opting out does not apply to information you provide for legitimate service-related purposes.
3. What personal data do we collect?
3.1 Customer information
To use the Services, you must provide customer information through our registration, account upgrade or profile forms. This includes, but is not limited to: full name, email address and phone number, PIN, address, gender, date of birth, occupation or business details. For certain services we may also collect national identification, document details and photographs (including a selfie for facial recognition) to verify your identity and distinguish new and existing customers. Conversations with our customer service team may be recorded and stored for training and record-keeping purposes.
3.2 Device information
When you use the Services, the following may be automatically collected: contact information from your synced address book (used when necessary to provide services such as airtime top-ups and money transfers); phone/device information; unique device identifier (IMEI or serial number); SIM card information; mobile network, operating system and browser settings; and access to your device camera (for facial recognition), external storage (for files) and messaging. We use this to protect customers from crime, improve the Services and understand how people use them.
3.3 Location information
Some features may require GPS location information from your device. With your consent, we collect this for use in those features. Disabling location services may make certain features unavailable.
3.4 Analytics
We may use in-app analytics technology (e.g. AppsFlyer, Firebase) to improve and simplify the app, design and services. These tools track general usage, provide performance metrics, improve ads and report app errors, including when you install or uninstall the software.
3.5 Cookies and electronic tracking
A cookie is a string of information a website stores on a visitor's device and that the browser returns on each visit. We use cookies to identify and track visitors, their use of our website and their access preferences. Visitors who do not want cookies should set their browser to refuse them; our Services may not function properly without cookies.
3.6 User credit information
This means information about:
- your credit history, including applications, agreements, payment patterns or defaults, enforcement events and termination circumstances;
- your financial history, including past and present income, assets, liabilities and related matters;
- your educational, employment, professional, academic or business history; and
- your identity, including name, date of birth, marital and family status, past and present addresses and contact details.
3.7 Summary of data collected
| Type | Details |
|---|---|
| Identifying information | First name, last name, surname, username or similar identifier, marital status, date of birth and gender, selfie, identification number and copy of identification document. |
| Contact information | Home address, work address, billing address, email address and telephone number. |
| Financial information | Bank account and payment card information, income and financial statements. |
| Content information | Any content you post on the Service, including profile, preferences, messages, comments and related metadata. |
| Marketing & communications | Your preferences for commercial communications and the content of messages exchanged with us. |
| Technical information | Security credentials (username and PIN/password), IP address, login information, browser type and version, location and region settings, operating system and platform. |
| Device information | Contact information, phone/device details, camera access, unique device identifier (IMEI/serial), SIM card, mobile networks, operating system and browser settings. |
4. How we use your personal information and why
4.1 Transaction information
To process transactions we may share some of your information with parties you do business with, such as contact information and payment information. We will not disclose your card or bank account number to anyone unless we have your express consent or are required to do so by applicable law, subpoena, court order or other legal process.
4.2 Identity information
We collect and store your information as part of compliance with relevant financial regulations. Biometric data is used only to verify your identity and prevent fraud; it is stored temporarily during the eKYC process, automatically deleted after verification, processed securely within our systems and not accessible to third parties. The lawful basis for using your personal information is generally that we need it to perform our contract with you, that it is necessary for our legitimate interests, or that we must comply with a legal or regulatory obligation. Where we rely on consent, you may withdraw it at any time.
4.3 If you do not provide necessary information
Where we need to process your data to comply with the law or perform a contract, failure to provide it when requested may mean we cannot perform existing or proposed contracts and may have to stop providing the Services to you.
4.4 When your information may be shared
- To comply with requests from regulators or government agencies with sufficient authority
- To fulfill legal obligations, such as court requirements
- For regulatory reporting purposes
4.5 Business transfer
If we are acquired or our business is transferred, a successor company may have access to the information we hold, including account information, and will remain bound by this Privacy Policy until amended.
5. Who we share your personal data with
We may share your personal information with third parties as described below, as an important part of our relationship with you.
| Recipient | Why involved |
|---|---|
| Our partners | To help develop, maintain and provide our services and manage customer relationships (support, communications, advisory services). |
| Service providers | Website/app development, hosting, maintenance, backup, storage (e.g. Huawei Cloud), payment processing, identity verification, analytics, compliance checks and similar services. |
| Expert advisors | Lawyers, accountants, bankers, auditors and insurers providing advisory, compliance, legal, insurance and accounting services. |
| Authorities & courts | Where necessary to comply with law, regulation, order or investigation, to address fraud or security issues, or to protect legal rights. |
| Advertisers | Third parties such as ad servers or networks may access information to present advertising relevant to your interests. |
| Researchers | Academics or contractors, under confidentiality obligations, to study market patterns and trends. |
| API & SDK partners | Limited partners accessing parts of the Service via API; SDKs such as Firebase, AppsFlyer and Mate, with strong security measures. |
| Credit Reference Bureau | Customer credit information is submitted to and may be compiled and stored by the Credit Reference Bureau (CRB). |
| Agents & employees | Contact details may be shared with debt collection agencies or staff to collect credit payments. |
When you apply for a loan, you agree to the submission of customer credit information to the Credit Reference Bureau, regardless of whether your application is approved. We may also share anonymous, non-personal usage information with third parties to help them understand usage patterns and trends.
6. What information is stored and for how long
6.1 Where your information is stored
We encrypt your personal information when transferring it to countries considered to have adequate data protection laws. Where a destination lacks adequate laws, we will obtain your consent and comply with the DPA to ensure adequate protection. We retain transaction details for the period required by financial regulations in your jurisdiction.
6.2 How long we retain your information
We retain your information for as long as your account is in use or as necessary for the purposes described in this Policy, unless you ask us to delete it. In general your personal information is retained for at least two years, and longer where required by law (for example for regulatory purposes), to conduct audits, resolve disputes, enforce our agreements or distinguish new customers.
7. How we protect your personal data
We are required to report any personal data breach to the regulator within 72 hours of becoming aware of it. If your information has been compromised and there is a high risk to your freedoms and rights, we will notify you immediately.
Your responsibilities
You are responsible for protecting your password or PIN. Never share your Pesa Mkononi account password or PIN with anyone. We will never ask you for your PIN or password via email, SMS or any other means — if you receive such a request, ignore it and contact us at support@mkononi.top. If you believe your password or PIN has been compromised, change it immediately and contact us.
8. Child protection
Pesa Mkononi does not knowingly collect personally identifiable information from anyone under the age of 18. We encourage parents to instruct their children not to provide personal information online. If you are concerned about your child's information being disclosed, please contact us.
9. Changes to this Privacy Policy
We may change this Privacy Policy at any time at our sole discretion and will notify you of any changes. By continuing to use the mobile app or website after changes, you agree to be bound by the new policy.
10. Governing law
This Privacy Policy is governed by and construed in accordance with the laws of the United Republic of Tanzania.
PESA-MKONONI TANZANIA CREDIT LIMITED
Email:
support@mkononi.top
Address: Region Dar Es Salaam, District Kinondoni, Wazo Hill, Mashamba ya Jeshi