1. Introduction
This Privacy Policy explains how our Wave Social Finance Application ("we," "us," "our," or "Company") collects, uses, discloses, and otherwise processes personal information in connection with our mobile application available on the Google Play Store.
We are committed to protecting your privacy and ensuring you have a positive experience on our application. This policy applies to all users, including those under 13 years old. If you are under 13, please have your parents or guardians review this policy with you.
2. Information We Collect
Information You Provide Directly
- •Account Information: Name, email address, phone number, date of birth, and profile picture
- •Financial Information: Bank account details, payment methods, transaction history, and group contribution amounts
- •Group Information: Information about Wave groups you create or join, member details, and contribution schedules
- •Communication Data: Messages, notifications, and support inquiries
- •Identity Verification: Government ID details, address information for KYC/AML compliance
Information Collected Automatically
- •Device Information: Device type, operating system, unique device identifiers, and model
- •Usage Data: Features accessed, time spent in app, clicks, and interaction patterns
- •Location Data: Approximate location based on IP address (not precise GPS unless explicitly permitted)
- •Crash Reports: Error logs and app performance data to improve stability
Biometric Information (Optional)
- •Fingerprint/Face Recognition: Used only for local device authentication
- •Never Transmitted: Biometric data is processed locally on your device and never sent to our servers
- •Optional Feature: You can choose to disable biometric authentication at any time
3. App Permissions & Data Access
Required Permissions
- •INTERNET: Allows communication with our servers for account sync, payments, and group management
Optional Permissions
- •CAMERA: Used only to set your profile picture. You can always deny this permission
- •READ_PHONE_STATE: Used to pause audio/video during calls. Does not access call history or phone numbers
- •USE_BIOMETRIC/USE_FINGERPRINT: Enables fingerprint/face recognition for secure login. Processed on your device
- •READ_EXTERNAL_STORAGE: Allows uploading documents and ID verification files. No access to other files
- •ACCESS_FINE_LOCATION: Used for fraud detection and compliance purposes. You can deny without affecting core functionality
4. How We Use Your Information
Core Service Delivery: Processing Wave group transactions, managing contributions, and distributing funds
Authentication & Security: Verifying your identity, detecting fraud, and preventing unauthorized access
Compliance: KYC/AML verification, tax reporting, and legal/regulatory requirements
Communication: Sending transaction confirmations, group updates, and important notices
Improvement: Analyzing app usage patterns to enhance features and user experience
Marketing (with consent): Informing you about new features, updates, and promotions (only if you opt-in)
Support: Responding to your inquiries and resolving issues
5. Data Security
We implement industry-standard security measures to protect your personal information:
Encryption in Transit: All data transmitted between your device and our servers uses TLS/SSL encryption
Encryption at Rest: Sensitive data is encrypted when stored on our servers
Authentication: Your account is protected by a secure password and optional biometric authentication
Access Controls: Only authorized employees with legitimate business purposes can access your data
Regular Audits: We conduct regular security assessments and vulnerability testing
Payment Security: Payment processing is handled by PCI-DSS certified third-party providers
6. Data Sharing & Disclosure
We Share Your Data With:
- •Wave Group Members: Your name, profile picture, and contribution history are visible to group members
- •Payment Processors: Stripe, Paystack, or other payment providers receive necessary payment information
- •Financial Institutions: Your bank may receive transaction information for processing transfers
- •Legal/Regulatory Bodies: We comply with law enforcement requests and regulatory requirements
- •Service Providers: Analytics vendors, cloud providers, and support platforms
We Do NOT:
- •Sell or rent your personal data to third parties
- •Share financial data with marketing companies
- •Use your data for purposes other than stated in this policy without your consent
- •Share data with third parties for their marketing purposes
7. Data Retention
Active Accounts: We retain data while your account is active
After Deletion: We securely delete personal data within 30 days of account termination
Legal Hold: Data may be retained longer if required by law or legal proceedings
Transaction Records: Financial records are retained for 7 years per tax and regulatory requirements
Backups: Archived backups may contain your data for up to 90 days before permanent deletion
8. Children's Privacy (COPPA Compliance)
Our app is not directed to children under 13. If we discover that a child under 13 has provided us with personal information, we will:
Immediately delete the child's account and associated data
Notify the child's parents or guardians
Not use the data for any marketing or commercial purposes
Parents: If you believe your child has created an account, please contact us immediately at blihops@gmail.com
9. Your Privacy Rights (GDPR & CCPA)
Your Rights:
- •Right to Access: Request a copy of your personal data
- •Right to Correction: Correct inaccurate information
- •Right to Deletion: Request deletion of your data (subject to legal obligations)
- •Right to Portability: Receive your data in a portable format
- •Right to Opt-Out: Opt out of marketing communications and data processing
- •Right to Withdraw Consent: Withdraw consent for data processing at any time
How to Exercise Your Rights:
- •Email us at blihops@gmail.com with your request
- •Include your account details and specific request
- •We will respond within 30 days of receiving your request
- •No fees will be charged for exercising these rights
10. International Data Transfers
If you are located outside the jurisdiction where our servers are operated, your information may be transferred to and processed in that jurisdiction.
We ensure appropriate safeguards are in place for international data transfers in compliance with applicable laws including GDPR standard contractual clauses.
11. Third-Party Services
Our app uses third-party services that may collect information:
Google Analytics: Analytics and usage tracking (you can opt-out)
Google Play Services: Required for authentication and payment processing
Firebase Crashlytics: Crash reporting and app performance monitoring
Payment Providers: Stripe, Paystack for secure payment processing
These services have their own privacy policies which we encourage you to review.
12. Policy Changes
We may update this Privacy Policy periodically. Changes will be posted with an updated "Last Modified" date.
Continued use of the application constitutes your acceptance of the updated policy.
We will notify users of material changes via in-app notification or email.
13. Contact Us
If you have questions or concerns about this Privacy Policy, please contact us at:
Email: blihops@gmail.com
Address: Addis Ababa, Ethiopia
Phone: +251977084844
Response Time: We aim to respond to all inquiries within 7 business days.