Privacy Policy

1. Who collects and processes your personal data?

1.1 Sacco as Data Controller
The Savings and Co-operative Society (“Sacco”, “The Sacco”, “We”) acts as the Data Controller. We determine the purpose for collecting your data and how it is used to provide Sacco services to you.

1.2 Amtech Technologies as Data Processor
The EasyMobile application and the EasySacco management system are powered by Amtech Technologies Limited. In this capacity, Amtech acts as the Data Processor, providing the cloud-based infrastructure, API services, and technical support necessary for our operations. They process your data strictly according to our instructions and security protocols.

1.3 Third-Party Integrations
To facilitate seamless operations, the EasyMobile app communicates via API to secure servers which may interface with payment gateways (M-PESA), Credit Reference Bureaus (CRB), and automated communication providers (SMS/Email).

2. What data does the Sacco collect?

When you sign up for an account or activate your existing membership on the EasyMobile app, we collect data necessary to manage your financial records:

• Identity Data: Full name, ID/Passport number, date of birth, address and gender details.
• Contact Data: Mobile phone number, email address, and physical location.
• Financial Data: Savings records, loan applications, repayment history, and transaction logs.
• Device & Technical Data: Device IDs, IP addresses, and app usage logs used for API authentication and security.
• Beneficiary & Guarantor Data: Details of next of kin and members who guarantee your credit facilities.

3. Why do we collect and process your data?

3.1 Service Delivery & Customization: To facilitate member onboarding, account activation, and to provide a customized user experience within the EasyMobile interface tailored to The Sacco’s specific products.

3.2 Transactional Processing: To process your deposits, withdrawals, and loan requests via the EasySacco API-driven backend.

3.3 Regulatory Compliance: To meet Know Your Customer (KYC) and Anti-Money Laundering (AML) requirements as mandated by Kenyan law.

3.4 System Integrity: To monitor API performance, prevent fraudulent logins, and ensure the security of the multi-tenant platform.

4. How long do we retain your data?

Data is retained as long as you are an active member of the Sacco. Upon exit, we retain your records for a minimum of 7 years to comply with financial regulations and statutory audit requirements.

5. Where do we process your data?

Your data is processed through the EasySacco cloud infrastructure. While primarily accessed in Kenya, data may be stored on secure, encrypted cloud servers that utilize global best practices for data residency and protection.

6. Your Rights as a Data Subject

As a user of the EasyMobile platform, you have the right to:

• Access your personal data held in our systems.
• Request rectification of incorrect or incomplete information.
• Object to automated decision-making.
• Request account deactivation (subject to outstanding liabilities).

7. Data Security

We use industry-standard SSL/TLS encryption for all data transmitted between the EasyMobile app and the EasySacco servers. Our API-based architecture ensures that your data is isolated and protected from unauthorized access by other entities on the shared platform.

8. Contact Us

Amtech Technologies Limited
Amtech Building, Matasia, Ngong-Kiserian(Forest) Road, Ngong, Kajiado Kenya.
Phone: +254 758 312 460
Email: info@amtechafrica.com
Website: https://amtechafrica.com

4.1 Loan Terms & Disclosures

In compliance with Google Play Developer Policies and the Central Bank of Kenya regulations:

• Repayment Period: Minimum 30 days, Maximum 48 months (depending on product).
• Representative Example: For a loan of KES 10,000 with a 6-month term: Interest (12%) = KES 1,200; Processing Fee = KES 200; Total Cost = KES 1,400. Total Repayable = KES 11,400.

6.1 Account Deletion & Data Removal

We respect your right to be forgotten. You may request the deletion of your EasyMobile account and all associated personal data through the following methods:

• In-App: Navigate to Settings > Profile > Delete Account.
• Web Request: Visit our Account Deletion Portal.

Note: Statutory data retention requirements (7 years) for financial records will override deletion requests for transaction history as required by Kenyan law.

7. Data Security & Sensitive Permissions

We implement SSL/TLS encryption for all data. Crucially, our app does not request, collect, or upload your sensitive personal information including contacts, gallery photos, or precise GPS location.