CedisPay Privacy Policy Statement

CedisPay Privacy Policy Statement for CedisPay

At CedisPay, we understand the importance of privacy and confidentiality when it comes to our customers' personal information and data. This Privacy Policy Statement outlines how we collect, use, and protect the personal information and data that you entrust to us.

About Us

CedisPay is a lending company in Ghana that is committed to providing its customers with a seamless and innovative lending experience. Our company operates under the philosophy of "Think Digital First and Act Digital with a Growth Mindset." We offer our lending products and services through our website.

Consent to Use of Personal Information and Data

By using our website, you, as the "User", agree to our use of your personal information and data in accordance with the terms outlined in this Privacy Policy Statement.

Information We Collect

To effectively provide our lending products and services, we collect personal information from you through our website. This information falls into the following categories:

  • Personal information provided by you, such as registration information, billing and collection information, and any other information related to your communication and commercial relationship with us.
  • Personal and device information that is automatically collected through your use of our website, including device information, log data, product usage data, and information stored on your device, such as installed applications, SMS logs, contact lists, primary email address, third-party account information, and device phone number.
  • Personal information collected from third-party sources with your consent, such as public databases (credit reference bureaus and identification registries), social network accounts, and third-party data providers. We take appropriate steps to ensure that these third parties are legally and contractually bound to disclose personal information to us.

How We Use Personal Information and Data

We use, store, process, and analyze the personal information and data we collect from you for the following purposes:

  • Improving our lending products and services and enhancing your user experience
  • Research and development
  • Billing and collection
  • Contacting you regarding your account or sending system alert messages
  • Providing information about our other online products and services
  • Customer support
  • Credit analysis
  • Verifying your identity
  • Meeting legal requirements or responding to lawful requests from authorities
  • Prosecuting and defending our rights in legal proceedings or enforcing compliance with any agreement with us
  • Providing information to authorized third parties
  • Any other related purposes in connection with our lending products and services

Protecting Personal Information and Data

We take appropriate technical and organizational measures to protect the personal information and data that you provide us from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved and the nature of the information. Any personal information or data transmitted through our website is protected by secure socket layer (SSL) encryption. Only authorized third parties who require access to your information to perform specified services will be able to access it.

By agreeing to this Privacy Policy Statement, you agree that we may, as necessary and appropriate, transfer and disclose your personal information and data to the following third parties (who may also use, collect, store, process, transfer and disclose your personal information and data) on a need-to-know basis:

  • Our associates, affiliates, directors, officers, employees, and shareholders
  • Vendors, suppliers, contractors, agents, service and payment providers who help us in our business operations
  • Persons acting on your behalf, payment recipients, beneficiaries, account nominees, intermediaries, correspondent

Privacy Principles by applying to open an account, you consent to the collection, use and disclosure of your personal information in accordance with the CedisPay Privacy Code. The Privacy Code is part of these Personal Account Terms and Conditions, and your agreement to these terms indicates that you accept the terms of the CedisPay Privacy Code.

How We Collect and Use Your Personal Data

CedisPay applies the principle of minimality in the collection of Personal data which may only be processed if the purpose for which it is to be processed, is necessary, relevant and not excessive. CedisPay collects personal data for a specific purpose in accordance to the needs of the data subject, requirements of regulators and in relation to the functions or activity of the person directly from the data subject. However, data may be collected indirectly where:

  1. The data is contained in a public record
  2. The data subject has deliberately made the data public
  3. The data subject has consented to the collection of the information from another source
  4. The collection of the data from another source is not likely to prejudice a legitimate interest of the data subject
  5. The collection of the data from another source is necessary for the prevention, detection, investigation, prosecution or punishment of an offence or breach of law

Customer Information

As a regulated financial institution, CedisPay collects personal information in the form of the following through forms filled by customers, interviews, emails and other medium:

  • First and last name
  • Job title
  • Company
  • Address
  • Work / personal email address
  • Phone number
  • Financial goals
  • Town/city/state

All personal data collected will only be used to process a customer's account, transaction request, send occasional information and announcements. CedisPay does not sell personal data to anyone and will not share it with third parties without customers’ consent or under law. During account opening CedisPay will process personal data from customers in accordance with applicable personal data regulations (Ghana Data Protection Act, 2012, GDPR and Bank of Ghana ). This implies that:

  • Personal data will be treated confidentially
  • Personal data will be used for account opening purposes
  • Non-disclosure of personal data, except for the data processors used in onboarding procedures

Customer shall

Ensure that all personal information provided to CedisPay in connection with onboarding are accurate and up-to-date:

  • Inform CedisPay of any changes to information, for example, change of address etc
  • Check the information which CedisPay shall make available from time to time, in written or automated form, and inform CedisPay of any errors or, where appropriate, follow procedures for up-dating entries on computer forms
CedisPay shall not be held responsible for errors of which it has not been informed.

Events and Conference Data

CedisPay may occasionally organise corporate and social events or conferences, where individuals provide their information to register for an event. During Conference and event registration, where information is voluntarily provided during signup, we collect the following information:

  • First and last name
  • Job title
  • Company
  • Address
  • Work / personal email address
  • Phone number
  • Financial goals
  • Town/city/state
CedisPay events may be photographed and/or video/audio recorded for the purpose of reflecting the events in CedisPay’s publications and on the CedisPay’s website. We focus our efforts solely on the keynote speakers and other voluntary participants from the audience, as well as the audience as a whole

Website Visitors’ Data

In general, website visitors do not need to provide personalized information to CedisPay. CedisPay collects "aggregate data," that is, group data with no personal identifiers. CedisPay uses this aggregate data to help understand how the site is being used and to improve its usability. CedisPay also uses it to enhance the quality and availability of products and services it offers. Also, with explicit permission, CedisPay will use aggregate data from online surveys chosen by visitor for research and publication purposes.

If personal data is provided, and retained, it is only name, business contact email, and business contact phone number, which allow CedisPay to contact the visitor at his or her organization. CedisPay solely holds the information and engages in no contact-sharing program with other organizations. Many websites create Cookies (small text files) when a user visits a website, and these Cookies are used to analyze aggregate user behavior on a website. In line with best practices, CedisPay’s website asks permission of the visitor prior to setting Cookies. Should the visitor agree, CedisPay’s server will only collect the following information: The visitor’s IP address (including the domain name associated with the IP address, i.e. using reverse look-up).

  • The date and time of the visit to the website
  • The pages visited on the website
  • The browser being used

In addition, where this is available, CedisPay will also collect:

  • The country from which the visitor is accessing the website (only the ending is saved, e.g., de, since this indicates the relevant country).
  • The language of the browser being used
  • The website from which the visitor is accessing CedisPay’s website
  • The search word used (if the site is accessed via a search engine).
  • The type of connection and operating system
With regards to Cookies, we rely on consent given as the lawful basis under GDPR Article 6(1)(a) and Section 40 of the Data Protection Act, 2012.

Inquiries

When enquiries are made to CedisPay through CedisPay contact form, CedisPay uses the personal data that is stated in the contact form to respond. Any personal data received will not be used for any other purpose without prior consent and knowledge of the customer and will not be disclosed.

Interviews

Any personal data received through stakeholder interview will not be used for any other purpose without prior consent of the stakeholder

eCommerce

CedisPay’s use of ecommerce is limited to registration for a limited number of customers each year. Customers provide their personal information to register for services provided by CedisPay. We use the data collected in order to process transactions and billing for products/services provided on our ecommerce channels

Transfer / Sharing of Personal Data

CedisPay shall not rent or sell personally identifiable information with other individuals or organizations. However, CedisPay may transfer personal data to third parties when it is necessary in order to provide customers with service. Third parties shall mean:

  • Telecom Companies, Utilities Companies and Mobile money operators
  • Credit bureaus
  • Security-cleared data processors/subcontractors, who are assisting CedisPay with IT or other services
In case of a personal data transfer to business partners, customers should be aware that they might have stored personal data concerning them collected by other means such as CedisPay website, through their transactions means and accessing CedisPay electronic platforms for business transactions.

CedisPay may also transfer personal data to the above or other third parties if obliged to do so according to legislation or in order to protect national security or in legal disputes.

File Storage and Security

CedisPay has a security-cleared data processor to store files and data on secure servers. CedisPay is currently undergoing ISO 27001 certification programs and thereby guarantees an appropriate standard of data protection and operates to an appropriate standard of data security and all data is accessed via secure connections in Ghana.

In spite of CedisPay efforts to establish a secure environment for the website, customers should be aware that no information is completely secure on the internet. Therefore, they should always take the necessary safeguards on their own equipment.

Customer Rights

Customers have the right of access to the personal data submitted to CedisPay as well as to have their personal data updated, rectified, or erased, or to obtain a copy of their personal data. All requests shall be made in writing to CedisPay or email in addition to a proof of identity. On receipt of presentation of the request, CedisPay shall comply with the request or provide the data subject with credible evidence in support of the data as well as inform any person to whom the personal data has been disclosed of the corrections made.

Complaints

Where customers want to lodge a complaint over CedisPay processing of their personal data, they may contact CedisPay directly through email

Changes

CedisPay recognizes that data protection and privacy is an ongoing responsibility, therefore, CedisPay reserves the right to make changes to this Data Protection and Privacy Policy from time to time as it undertakes new personal data practices or adopt new privacy policies, etc. If such changes are substantial, CedisPay will notify customers via email or any of the consented mode of communication with CedisPay

Retention of Data

CedisPay will keep different types of information for differing lengths of time, depending on legal, regulatory and operational requirements

Trusted by over 1000 small businesses and individuals in Ghana

The Future is Us.

Belong to a place where you are financially supported.

Looking for financial support? Reach us

Contact us  
CedisPay - Group photo