Privacy Policy
CBA BL Limited (We, Us, WingiPay) recognize the importance of privacy and security of our customers' personal information. We value the trust you place in us to protect your personal information and respect your right to privacy. Preserving customer trust and privacy remains a core objective. We believe it is important to be clear about how information is collected, used, and protected at WingiPay.
Our commitment is to put users first. We strive to be transparent about how we collect and use your information, to keep your information secure, and to provide you meaningful choices.
1. Our Privacy Principles
- We will only collect, transfer, process, and store your personal information with your express permission unless legally required to do so.
- We will disclose the specific purpose for collecting your data.
- We will maintain records of the personal information and its intended use.
- We will not use your data for any other purpose without your express consent unless permitted by law.
2. Information We Collect
2.1 Information during mobile app registration: name, email, phone number, date of birth, gender, address, ID number, device ID, and location.
2.2 Bank card details: card number, expiry date, CVV2, and PIN (if applicable). Username and password may also be collected.
2.3 Additional data from third parties and cookies to associate devices and user profiles.
2.4 Device information: IP address, cookie info, operating system, browser version, network info, and more.
3. How We Use the Information
3.1 Services: To authenticate and authorize access to our services such as:
- Customer registration
- Bill payments
- Airtime purchases
- Funds transfers (wallet and bank)
- Virtual and prepaid card top-ups
3.2 Communication: We may contact you via email, SMS, phone calls, or push notifications regarding service availability, security, or product updates.
3.3 Advertising: Tailored advertisements may be served to you on or off our platform using ad networks and partner data.
3.4 Marketing: We use data for promotions, invitations, and service updates.
3.5 Customer Support: Your information may be used to respond to complaints and support issues.
3.6 Security, Fraud, and Investigations: To investigate fraud, policy violations, or harmful activity.
4. Legal Basis for Collecting and Processing Data
We collect and process personal data only when we have a legal basis for doing so. Data protection legislation provides several legitimate bases, including:
- Consent given by our customers
- Performance of a contract between the Bank and customers or third parties
- Legal obligation due to government banking laws and regulations
- Legitimate interest of our company
5. How We Secure Your Information
Protecting our systems and our users’ information is a top priority. To ensure a secure experience, we have implemented the following measures:
- Technical, administrative, and physical safeguards to protect against unauthorized access, use, or disclosure.
- A variety of security measures to maintain safety when personal information is entered, submitted, or accessed.
- Secure transmission, processing, and storage using standardized security safeguards.
- Sensitive data like card numbers, CVVs, and expiry dates are encrypted using TLS, tokenized, and securely stored. All sensitive data is encrypted and/or hashed during processing and storage.
- Personal information is accessible only by authorized individuals with special access rights, and such individuals must keep this information confidential. PINs and passwords are not accessible to staff.
6. How and Whom Do We Share Your Information?
By using our services, you consent to the processing, sharing, and transfer of your information as outlined in this policy. We adhere to all applicable data protection regulations in Ghana.
- We may transfer your data internationally to deliver our services, including to affiliates or partners for outsourced processing.
- We require all service providers and partners to follow strict privacy regulations and prohibit them from using your information for other purposes.
- We do not share customer data with non-financial companies for marketing purposes.
- By using our services, you consent to the transfer of your data outside Ghana for legitimate business purposes.
7. What Choices Do You Have About Your Information?
- Data Retention: We retain your data as long as your account is active or as needed to provide services.
- Access and Control: You can access or modify your personal data via our apps. To deactivate your account, email info@wingipay.com. We'll respond within 14 days to validate your request. Note: transaction history may still be retained as required by law.
- Account Closure: Even after account closure, we may retain data to meet legal obligations, resolve disputes, and prevent fraud.
8. Protecting Children’s Privacy
Our services are intended for a general audience. We do not knowingly collect or share information from children under 13 without parental consent or legal compliance.
9. How to Contact Us
If you have any questions about this policy or wish to report a data breach, please contact:
Data Protection Manager
Accra, Ghana
Email: info@wingipay.com