Dynamic
Microfinance Institution S. C. (hereinafter referred to as “DMFI”) is a
financial service provider licensed by the National Bank of Ethiopia to
undertake microfinance businesses throughout Ethiopia.
Financial
consumers’ privacy is important to DMFI. Thus, it developed this Privacy
Statement with the objective of ensuring the confidentiality and security of
personal data of financial consumers in line with the requirements of Art.
5.4.1. Of the Financial Consumer Protection Directive No. FCP/01/2020.
What Personnel Data MFI Dose Collect
DMFI may collect or
process (which may include collecting, organizing, structuring, using or
disclosing) personal data of financial consumers as and when they use its financial
products and services. Personal data collected about customers will be limited
to the minimum required by laws, regulations and directives governing the Know
Your Customer (KYC) and the Customer Due Diligence (CDD) requirements including
basic bio data (full names, gender, date of birth, education, occupation,
income and nationality), residential and business addresses, contact
information (P. O. Box, email address, phone number, fax number, etc.),
picture, specimen signature and subscriber IDs;
HOW DOES DMFI USE
PERSONAL DATA?
A DMFI use discloses financial consumer’s personal data in a
lawful, transparent and fair manner for legitimate purposes agreed to by the
financial consumer or otherwise permitted by law.
DMFI uses Financial Consumers personal data to conduct the
following activities:
As necessary for the performance of contracts: When DMFI enters
into a contract directly with financial consumers, it process their personal
data in order to prepare and enter into the contract, as well as to perform and
manage the contract (i.e., to provide financial products and services, manage
its relationship and contract, compliance with other contractual obligations
and related administration). If DMFI does not process financial consumers’
personal data for these purposes, it may not be able to provide them with any
of the financial products and services;
As necessary to comply with its legal
obligations: DMFI processes financial consumers personal data to comply
with the legal obligations to which it is subject for the purposes of
compliance with relevant laws, regulations and directives and for responses to
requests from, and other communications with, competent public, governmental,
judicial or regulatory authorities. This includes, detecting, investigating,
preventing and stopping fraudulent, harmful, unauthorized or illegal,
Anti-Money Laundering (AML) and Counter Financing of Terrorist (CFT) activities
that impact vital interests and public safety;
As necessary for its legitimate interests. DMFI processes
financial consumers personal data based on legitimate interest to: (i) enter
and perform contracts with financial consumers who use its financial products
and services; (ii) develop, test and improve financial products and services;
(iii) ensure authentication, integrity, security, and safety of accounts,
activity and products including detect, and prevent malicious conduct and
violations of DMFI’s terms and policies, prevent, investigate or address
security threats; (iv) send marketing communications, advertising and
promotions in relation to its financial products and services; and (v) meet its
corporate and social responsibility commitments, protect its property rights
and that of its financial customers’ rights, resolve disputes and enforce
agreements.
Provide its financial products and services: DMFI provide its
financial products and services to existing and potential financial consumers.
In the process, DMFI collects and uses financial consumers’ personal data, including
contact information, to address and deliver invitations, account statements,
legal notices and court summons. DMFI also uses financial consumers’ personal
data to manage relationships with financial consumers, compliance with
contractual obligations and related administration.
Product research and development. DMFI uses financial
consumers’ data in the process of developing, testing and improving its
financial products and services.
Communicate with financial consumers. DMFI uses
financial consumers’ personal data (including contact information) to
communicate with them about its financial products and services, including
product updates and changes to its policies and terms. DMFI also uses financial
consumers’ personal data to respond to their complaints or requests;
Legal reasons. To comply with
applicable laws or respond to valid legal processes, including from law
enforcement or regulatory government agencies, to investigate or participate in
litigation, or other adversarial legal proceedings and to enforce or
investigate suspicious cases of Anti-Money Laundry (AML) and/or Counter
Financing of Terrorist (CFT) activities;
DMFI will attempt to keep financial consumers’ files complete,
up-to-date, and accurate. DMFI will tell financial consumers how and where to
access their personal data and account information (except when it is
prohibited by law) and how to notify DMFI about errors which it will promptly
correct.
DMFI will continuously assess itself to ensure that financial consumers’ privacy is respected in.
HOW DOES DMFI SHARE
PERSONAL DATA?
Rule of thumb. DMFI will not reveal financial consumers’
personal data to any one unless it has previously informed and secured the
financial consumers’ written consent or are required by law.
Credit reference. DMFI will share personal data of financial
consumers with reputable reference sources such as the Credit Reference Bureau
(CRB) unit under the National Bank of Ethiopia and other financial service
providers for the purposes of credit reporting, verification and risk
management;
Registration of security rights. DMFI will share personal data
of financial consumers with authorized public or private agencies including the
Ministry of Transport, the Ministry of Trade and Industry, the Movable
Collateral Registry Unit of the NBE, land registration offices, Banks,
Insurers, MFIs, etc. for the purposes of registering its security rights over
tangible (movable & immovable properties) and intangible assets it accepted
as collaterals;
Marketing, promotions and third-party advertising. DMFI and/or
its third party marketing partners may use financial consumers’ personal data
to market, advertise and promote its financial products and services. DMFI may
also use cookies or similar technologies, including from third party
advertising partners, to show to financial consumers ads about DMFI’s financial
products and services, or worthy causes from third parties;
Whenever DMFI engage third-parties to provide support services,
it will require them to conform to its privacy statement and to allow DMFI to
audit them for compliance.
PRIVACY RIGHTS AND
CHOICES
At financial consumers’ request, and as required by applicable
law, DMFI will:
Right of access. Furnish financial
consumers of what personal data it has about them that is under its control
including account statements free of charge at least once a month and any time
when the account is closed;
Right of erasure. In certain
circumstances, financial consumers have the right to the erasure of personal
data that DMFI holds about them (for example, if it is no longer necessary for
the purposes for which it was originally collected);
Right to object to processing. In certain
circumstances, financial consumers have the right to request that DMFI stops
processing their personal data and/or stops sending them marketing
communications;
Right to rectification. Financial
consumers have the right to require DMFI to correct any inaccurate or
incomplete personal data;
Right to restrict processing. Financial consumers
have the right to request that DMFI restricts processing of their personal data
in certain circumstances (for example, if they believe that the personal data
DMFI holds about them is not accurate or lawfully held).
To exercise their rights or if they have any
other questions about DMFI’s use of personal data, financial consumers can send
a request at the contact details specified in the How to Contact Us section
of this Privacy Statement. Please note that DMFI may request financial
consumers to provide additional information in order to confirm their identity
and ensure that they are entitled to access the relevant personal data.
When legally permitted, DMFI may decline to process requests
that are unreasonably repetitive or systematic, require disproportionate
technical effort or jeopardize the privacy of others;
Financial consumers also have the right to lodge complaints to
regulatory authorities such as the National Bank of Ethiopia or to judiciary.
CHILDREN
DMFI does not allow
minors (children under the age of 18) to directly consume its financial
products and services. However, children can have a child saving account
opened and operated by their parents or guardians. |
HOW TO CONTACT US
If financial consumers have any privacy
related questions or comments related to this Privacy Statement please send an
email to privacy@dynamicmfi.com.
Financial consumers can also contact DMFI by writing to the following address:
Dynamic MFI
P. O. Box 20943/1000
Addis Ababa, Ethiopia
Or, by Fax: +251 115 15 70 90
RETENTION
DMFI retains personal data for as long as required to engage in
the uses described in this Privacy Statement, unless a longer retention period
is required by applicable law.
The criteria used to determine our retention period include the
following:
The length of time we have an ongoing relationship with you and
provide DMFI products and services to you (for example for as long as you keep
using our products);
Whether account owners modify or delete information through
their accounts;
Whether we have a legal obligation to keep the data (for example
, certain laws require us to keep records of your transactions for a certain
period of time before we can delete them); or
Whether retention is advisable in light of our legal position
(such as in regard to the enforcement of our agreements, the resolution of
disputes, and applicable statutes of limitations, litigation, or regulatory
investigation).
PERSONAL DATA STORAGE
DMFI collects and stores financial consumers (customers’)
personal data within the geographic boundary of Ethiopia. Besides, it uses
Virtual Private Network (VPN), which encrypts data, line to securely transfer
data from branch offices to the server and the vice versa.
DMFI also protect financial consumers’ personal data at rest
with state of the art physical and virtual security technologies. Hourly back
up of DMFI’s server data is taken to ensure data recovery and business
continuity in the event of an incident. Wherever the financial consumers’
personal data might be processed, DMFI will take appropriate steps to protect
it in accordance with this Privacy Statement under applicable laws.
PERSONAL DATA PROTECTION
DMFI keeps financial consumers’ personal data confidential and secure. Only authorized employees, who are trained in the proper handling and processing of financial consumers’ personal data, will have access to financial consumers’ personal data. Employees who violate DMFI’s Privacy Statement will be subject to disciplinary processes.