Privacy Policy

STODFIN CO LIMITED - PRIVACY POLICY

(Effective Date: February 2025)

1. Introduction

Stodfin Co Limited ("Stodfin", "we", "our", "us") values your privacy and is committed to protecting your personal and financial information. This Privacy Policy explains how we collect, use, store, and protect your data when you use our services, including our mobile app, website, financial products, and third-party integrations.

By using our services, you consent to the collection and processing of your information in accordance with this policy.

2. Information We Collect

2.1. Personal Information

We collect personal information necessary to provide our financial services, including:

  • Full Name
  • National ID, Passport, or Refugee ID number
  • Phone number
  • Email address
  • Physical address
  • Date of birth
  • Bank account and mobile money account details

2.2. Financial & Loan-Related Data

  • Loan application and approval history
  • Repayment records
  • Credit scores and financial behavior
  • Income, employment details, and sources of funds

2.3. Device & Usage Data

  • IP address and geolocation
  • Device type, model, and operating system
  • App and website usage analytics
  • Login activity and access logs

2.4. Cookies & Tracking Technologies

We use cookies and tracking technologies to enhance user experience, monitor traffic, and improve our services. Users can manage cookie preferences through their browser settings.

3. How We Use Your Information

We use the collected information to:

  • Process loan applications, approvals, and repayments
  • Verify your identity and prevent fraud
  • Assess your creditworthiness and financial risk
  • Communicate with you regarding your loan status, payments, and updates
  • Enhance security and comply with regulatory requirements
  • Improve our app, website, and customer service
  • Conduct market research, service optimization, and targeted financial recommendations

4. How We Share Your Information

4.1. With Authorized Third Parties

We may share your information with:

  • Credit bureaus to assess your creditworthiness
  • Payment processors (e.g., mobile money, banks, Stripe) to facilitate transactions
  • Debt collection agencies in case of defaults
  • Regulatory bodies and law enforcement to comply with financial laws
  • Third-party financial service providers for secure integrations
  • Cybersecurity firms and fraud detection services to prevent unauthorized access

4.2. Third-Party Integrations

Stodfin integrates with third-party payment providers, credit bureaus, financial institutions, and risk assessment platforms. These partners must adhere to strict data protection agreements to ensure the security and confidentiality of user data.

4.3. No Unauthorized Data Selling

We DO NOT sell, rent, or trade personal data to third parties for marketing purposes.

5. How We Protect Your Information

We implement High-level security standards, including:

  • Data encryption (AES-256) in storage and transmission
  • Strict access control (biometric authentication, MFA, passkeys)
  • Regular security audits to detect and prevent vulnerabilities
  • AI-powered fraud detection and transaction monitoring
  • Data minimization practices – only necessary data is stored

6. Your Rights & Choices

You have the right to:

  • Access your personal data stored by Stodfin
  • Correct inaccurate or outdated information
  • Request deletion of your data (subject to legal and regulatory obligations)
  • Withdraw consent for marketing and data processing
  • Opt-out of tracking and cookies via browser settings

To exercise your rights, contact privacy@stodfin.com.

7. Data Retention

We retain your personal data for as long as necessary to:

  • Fulfill contractual obligations (e.g., loan agreements, repayment records)
  • Comply with legal and regulatory requirements
  • Prevent fraud, resolve disputes, and enforce agreements

Loan-related records are stored for up to 7 years as required by financial regulations.

8. International Data Transfers

If your data is transferred outside Uganda, we ensure:

  • Compliance with international data protection laws (e.g., GDPR, CCPA)
  • Secure transmission using encryption protocols
  • Data storage in jurisdictions with strong privacy protections

9. Legal Disclaimers & Compliance

9.1. Compliance with Ugandan & International Laws

Stodfin Co Limited complies with:

  • Uganda’s Data Protection & Privacy Act
  • Anti-Money Laundering (AML) & Know Your Customer (KYC) laws
  • International financial regulations (e.g., GDPR, CCPA, FATF standards)

9.2. Fraud Prevention & Legal Action

  • Fraudulent loan applications and suspicious transactions will be investigated and reported to relevant authorities.
  • Stodfin reserves the right to take legal action against fraudsters, defaulters, and cybercriminals.
  • Users engaging in financial misconduct may be banned from accessing Stodfin services.

10. Updates to This Privacy Policy

Stodfin reserves the right to update this policy periodically. Users will be notified of significant changes via:

  • Email notifications
  • App and website announcements
  • SMS alerts (if applicable)

Continued use of Stodfin services after policy updates constitutes acceptance of the revised terms.

11. Contact Information

For privacy inquiries, data access requests, or complaints, contact our Data Protection Officer (DPO):

📧 privacy@stodfin.com
📍 Stodfin Co Limited, Mbarara, Uganda

This Privacy Policy is legally binding and applies to all users, employees, and stakeholders of Stodfin Co Limited.

We use cookies to enhance your browsing experience, personalize content, and analyze our traffic. By clicking "Accept All", you agree to our use of cookies. You can "Customize" your preferences or "Decline" non-essential cookies at any time. Learn more

Allow