MOMENTUM App – Data Privacy Policy
DATA PRIVACY POLICY
1. THE PRIVACY POLICY
1.1. This Privacy Policy governs the collection, use, and disclosure of your Personal Data by
Momentum Credit Limited (“us”, “we” or “our”) when you access and operate the Momentum
Mobile Application (“Momentum App”).
1.2. Personal Data is information relating to an individual (“you” or “your”).
1.3. The Data Controller of your personal data in this privacy policy is Momentum with whom you
have a relationship through the Momentum App.
1.4. By accepting the terms of this Privacy Policy, you accept and consent to the practices described
herein.
1.5. If you have any questions about this Privacy Policy, please contact us via the email addresses
provided under Clause 8 of this Privacy Policy.
1.6. Momentum App’s services are not intended for children. We do not knowingly process
personal data relating to children.
1.7. We respect the privacy of your personal data and will treat it confidentially.
2. THE PERSONAL DATA WE COLLECT ABOUT YOU
2.1. Personal data constitutes all the details we collect, directly or indirectly, and hold about you.
Such personal data may include the transactions you initiate and effect, your financial
information, your interactions and dealings with us, and information received from third parties
or collected through your use of our Momentum App.
2.2. You authorize us to collect, process, and store your personal data including:
2.2.1. Personal data that you provide. We will request you to provide personal data for you
to access our services through the Momentum App. This personal data may include:
2.2.1.1. Unique identifiers such as name, e-mail address, mobile number, or any other identifier
that we may use to contact you.
2.2.1.2. Your responses to our forms, questionnaires, and/or surveys.
2.2.1.3. Communications with us such as phone call records, customer service requests, and
comments posted by you on our hosted platforms.
2.2.1.4. Supporting documents such as government-issued identification, financial documents, and
authorization/consent letters.
2.2.2. Information that we receive from third parties. We will collect your personal data
to comply with our legal obligations and to provide you with our services. To achieve this,
we may collect your personal data from third parties such as:
2.2.2.1. Your credit score or similar scores provided by credit scoring entities.
2.2.2.2. Anti-money laundering records.
2.2.3. Information that we collect as you use our Momentum App. We also collect
information from your usage of our Momentum App, and this may include:
2.2.3.1. Your device specifications such as the type of mobile device used and user-selected settings
such as language.
MOMENTUM App – Data Privacy Policy
2.2.3.2. Your device content data such as phonebook and network data, SMS data and installed
applications. We will never disclose information stored on your device. We will never call
your contacts.
2.2.3.3. Your transaction records such as loan requests, disbursement records, and repayment
records.
2.2.4. If you fail to provide or if you withhold any or all the personal data that we request, we
may be unable to provide you with our services.
2.2.5. We have regulatory requirements to meet. As such, we may be required to collect,
process, and retain certain personal data from you in accordance with the Anti-Money
Laundering regulations.
3. HOW WE USE YOUR PERSONAL DATA
3.1. We will only process your personal data when we have a lawful basis to do so. In most
instances, we will process your personal data under one of the following instances:
3.1.1. Where you have given us consent for the processing of your personal data by accepting
the Terms and Conditions of the Momentum App.
3.1.2. Where we need to comply with a legal obligation.
3.1.3. Where it is necessary for our legitimate interests or those of a third party and where your
interests and fundamental rights do not conflict with or override those interests.
3.1.4. Where we need to perform a contract with you, or where we need to take steps at your
request before entering a contract with you.
3.2. We collect and use your personal data for the following purposes:
3.2.1. To determine your eligibility for our services including for credit scoring and fraud
detection and prevention.
3.2.2. To process requests and instructions that we receive from you, your Momentum App
account, or your device.
3.2.3. To improve our services and further develop our Momentum App using machine learning
technology.
3.2.4. To communicate with you and manage our relationship with you.
3.2.5. To design new products and services from time to time.
3.2.6. To comply with our legal obligations such as KYC and transaction monitoring obligations.
3.3. We may send you direct marketing and/or promotional communications about our products
and/or services. However, you have the right to opt-out from such marketing and/or
promotional communications, at any time, by contacting us via the email addresses provided
under Clause 8 of this privacy policy.
3.4. We may use automated processing and automated decision-making with little or no human
intervention when we provide you with certain features of our services. When that happens,
we will inform you and you have the right to request a reconsideration of the automated
decision by emailing us at the addresses provided under Clause 8 of this privacy policy.
MOMENTUM App – Data Privacy Policy
4. DISCLOSURE OF YOUR PERSONAL DATA
4.1. Other than to those individuals and entities listed below, we will not disclose your personal
data to anyone unless we have your express permission or unless we are under a legal
obligation to do so. For the aforementioned purposes, we may disclose your personal data to:
4.1.1. Momentum’s service providers, agents, or any other Company that may be or become
Momentum’s subsidiary or holding company for reasonable commercial purposes.
4.1.2. Any debt collection agency, credit bureau, or credit reference agency.
4.1.3. Momentum’s lawyers, auditors, or other professional advisors or any court or arbitration
tribunal in connection with any legal or audit proceedings.
4.1.4. Any local or international law enforcement or competent regulatory or governmental
agencies to assist in the detection, investigation, prosecution, and prevention of criminal
activities or fraud.
4.1.5. Any financial institution which you have or may have dealings with conducts credit checks,
anti-money laundering-related checks, fraud prevention, and detection of crime.
5. DATA GOVERNANCE AND SECURITY MEASURES
5.1. The security of your personal data is important to us. We have appropriate technical and
organizational security measures in place to safeguard your personal data. When using external
service providers, we require that they adhere to security standards mandated by us and we
will do this through contractual provisions.
5.2. You should be aware that electronic communication is not a secure form of communication
and sending us personal data electronically, operating our Momentum App, or accessing it
electronically carries with it risks including the risks of access and interference by unauthorized
third parties. As such, you are solely for ensuring that you keep your Momentum App password
private and ensuring that your internet is secure as you access the Momentum App.
5.3. We have put in place procedures to deal with any actual or suspected personal data breaches
and we will notify the applicable regulatory authority and, in some instances, we will notify you
of such breaches.
6. DATA RETENTION
6.1. The personal data we hold about you is retained for as long as is necessary for the purpose(s)
for which the personal data was collected or as required under regulatory requirements.
6.2. The personal data is then destroyed or in some instances, anonymized so that it can longer be
associated with you.
6.3. In most cases, the personal data will be retained for a period of seven (7) years from the end
of your relationship with us.
7. YOUR RIGHTS AS A DATA SUBJECT
7.1. As a data subject, you have the following rights in relation to your personal data:
7.1.1. To be informed of the uses for which your personal data is processed.
7.1.2. To access your personal data in our custody.
7.1.3. To object to the processing of your personal data unless we have compelling legitimate
MOMENTUM App – Data Privacy Policy
interests to continue the processing, or when it is necessary for the establishment,
exercise, or defense of a legal claim.
7.1.4. To correct or rectify false, inaccurate, outdated, incomplete, or misleading data about
you. Your request for correction or rectification will be subject to verification, such as an
examination of supporting documents.
7.1.5. To erase or delete personal data that is false, misleading, irrelevant, excessive, or illegally
obtained. Your right to erasure will not apply where it is necessary for us to continue to
process the personal data for the establishment, exercise, or defense of a legal claim.
7.1.6. To receive your personal data in a structured, commonly used, and machine-readable
format, or to have us transfer your personal data to another data controller or data
processor.
7.2. You have the right to object to the processing of your personal data for direct marketing
purposes and you can opt-out of direct marketing communications by asking us not to send
you direct marketing messages.
7.3. You or your authorized representative can exercise any of these rights, at any time and subject
to our verification of identity, by contacting us via the email addresses provided under Clause
8 of this policy.
8. COMMUNICATION
8.1. If you wish to contact us in writing, or if any Clause in this Privacy Policy requires you to give
us notice, you can send this to us by e-mail to cx@momentumcredit.co.ke or
dataprivacy@momentumcredit.co.ke or to such e-mail address that may be communicated to
you from time to time. We will confirm receipt of this by contacting you in writing by e-mail
or through the Momentum App.
9. CHANGES TO THE PRIVACY POLICY
9.1. We keep this privacy policy under constant and regular review. This means that this privacy
policy may change. When it does, we will notify you.
10. YOUR DUTY TO INFORM US OF CHANGES
10.1. We have a legal obligation to ensure that the personal data we hold about you is
accurate and current. You have a duty to inform us if your personal data changes during our
relationship with you.
