Privacy Policy

Wave Social Finance Application

Last Updated: May 2026

1. Introduction

This Privacy Policy explains how our Wave Social Finance Application ("we," "us," "our," or "Company") collects, uses, discloses, and otherwise processes personal information in connection with our mobile application available on the Google Play Store.

We are committed to protecting your privacy and ensuring you have a positive experience on our application. This policy applies to all users, including those under 13 years old. If you are under 13, please have your parents or guardians review this policy with you.

2. Information We Collect

Information You Provide Directly

  • Account Information: Name, email address, phone number, date of birth, and profile picture
  • Financial Information: Bank account details, payment methods, transaction history, and group contribution amounts
  • Group Information: Information about Wave groups you create or join, member details, and contribution schedules
  • Communication Data: Messages, notifications, and support inquiries
  • Identity Verification: Government ID details, address information for KYC/AML compliance

Information Collected Automatically

  • Device Information: Device type, operating system, unique device identifiers, and model
  • Usage Data: Features accessed, time spent in app, clicks, and interaction patterns
  • Location Data: Approximate location based on IP address (not precise GPS unless explicitly permitted)
  • Crash Reports: Error logs and app performance data to improve stability

Biometric Information (Optional)

  • Fingerprint/Face Recognition: Used only for local device authentication
  • Never Transmitted: Biometric data is processed locally on your device and never sent to our servers
  • Optional Feature: You can choose to disable biometric authentication at any time

3. App Permissions & Data Access

Required Permissions

  • INTERNET: Allows communication with our servers for account sync, payments, and group management

Optional Permissions

  • CAMERA: Used only to set your profile picture. You can always deny this permission
  • READ_PHONE_STATE: Used to pause audio/video during calls. Does not access call history or phone numbers
  • USE_BIOMETRIC/USE_FINGERPRINT: Enables fingerprint/face recognition for secure login. Processed on your device
  • READ_EXTERNAL_STORAGE: Allows uploading documents and ID verification files. No access to other files
  • ACCESS_FINE_LOCATION: Used for fraud detection and compliance purposes. You can deny without affecting core functionality

4. How We Use Your Information

Core Service Delivery: Processing Wave group transactions, managing contributions, and distributing funds

Authentication & Security: Verifying your identity, detecting fraud, and preventing unauthorized access

Compliance: KYC/AML verification, tax reporting, and legal/regulatory requirements

Communication: Sending transaction confirmations, group updates, and important notices

Improvement: Analyzing app usage patterns to enhance features and user experience

Marketing (with consent): Informing you about new features, updates, and promotions (only if you opt-in)

Support: Responding to your inquiries and resolving issues

5. Data Security

We implement industry-standard security measures to protect your personal information:

Encryption in Transit: All data transmitted between your device and our servers uses TLS/SSL encryption

Encryption at Rest: Sensitive data is encrypted when stored on our servers

Authentication: Your account is protected by a secure password and optional biometric authentication

Access Controls: Only authorized employees with legitimate business purposes can access your data

Regular Audits: We conduct regular security assessments and vulnerability testing

Payment Security: Payment processing is handled by PCI-DSS certified third-party providers

6. Data Sharing & Disclosure

We Share Your Data With:

  • Wave Group Members: Your name, profile picture, and contribution history are visible to group members
  • Payment Processors: Stripe, Paystack, or other payment providers receive necessary payment information
  • Financial Institutions: Your bank may receive transaction information for processing transfers
  • Legal/Regulatory Bodies: We comply with law enforcement requests and regulatory requirements
  • Service Providers: Analytics vendors, cloud providers, and support platforms

We Do NOT:

  • Sell or rent your personal data to third parties
  • Share financial data with marketing companies
  • Use your data for purposes other than stated in this policy without your consent
  • Share data with third parties for their marketing purposes

7. Data Retention

Active Accounts: We retain data while your account is active

After Deletion: We securely delete personal data within 30 days of account termination

Legal Hold: Data may be retained longer if required by law or legal proceedings

Transaction Records: Financial records are retained for 7 years per tax and regulatory requirements

Backups: Archived backups may contain your data for up to 90 days before permanent deletion

8. Children's Privacy (COPPA Compliance)

Our app is not directed to children under 13. If we discover that a child under 13 has provided us with personal information, we will:

Immediately delete the child's account and associated data

Notify the child's parents or guardians

Not use the data for any marketing or commercial purposes

Parents: If you believe your child has created an account, please contact us immediately at blihops@gmail.com

9. Your Privacy Rights (GDPR & CCPA)

Your Rights:

  • Right to Access: Request a copy of your personal data
  • Right to Correction: Correct inaccurate information
  • Right to Deletion: Request deletion of your data (subject to legal obligations)
  • Right to Portability: Receive your data in a portable format
  • Right to Opt-Out: Opt out of marketing communications and data processing
  • Right to Withdraw Consent: Withdraw consent for data processing at any time

How to Exercise Your Rights:

  • Email us at blihops@gmail.com with your request
  • Include your account details and specific request
  • We will respond within 30 days of receiving your request
  • No fees will be charged for exercising these rights

10. International Data Transfers

If you are located outside the jurisdiction where our servers are operated, your information may be transferred to and processed in that jurisdiction.

We ensure appropriate safeguards are in place for international data transfers in compliance with applicable laws including GDPR standard contractual clauses.

11. Third-Party Services

Our app uses third-party services that may collect information:

Google Analytics: Analytics and usage tracking (you can opt-out)

Google Play Services: Required for authentication and payment processing

Firebase Crashlytics: Crash reporting and app performance monitoring

Payment Providers: Stripe, Paystack for secure payment processing

These services have their own privacy policies which we encourage you to review.

12. Policy Changes

We may update this Privacy Policy periodically. Changes will be posted with an updated "Last Modified" date.

Continued use of the application constitutes your acceptance of the updated policy.

We will notify users of material changes via in-app notification or email.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at:

Email: blihops@gmail.com

Address: Addis Ababa, Ethiopia

Phone: +251977084844

Response Time: We aim to respond to all inquiries within 7 business days.

Built with v0