1. Privacy Notice

Welcome to Remit254, a subsidiary of Omni AI-Powered Solutions. Protecting your personal information is of paramount importance to us. We want to ensure that you, our customer, understand what we do with your personal information once you have provided it to us, and why we handle it in that way. We also want to address the rights you have under applicable law and let you know how you can exercise those rights. Let’s get down to it, and if you have any questions or concerns, do get in touch with us.

2. What is Remit254?

We’re a registered business known as Remit254, and the company with whom you contract when you become our customer is the company responsible for looking after the personal information that you provide to us. That company is referred to under data protection laws as the “Data Controller”. You can find out more about each Data Controller in the ‘Data Controllers’ section further down.

As a money transfer and payment services provider, we offer a variety of payment solutions through our platform, which you can access through our website (remit254.online) and our mobile app. We are licensed and regulated by the Central Bank of Kenya. Our licence and registration enable us to provide our services to customers like you while giving you assurances that we operate with the utmost integrity.

We’re also registered with the data protection regulators of Kenya. We have to adhere to many rules and regulations to ensure that your rights are protected and that we’re doing the right thing by you. Our ‘Data Controllers’ section further down contains more information about our licences and registrations.

3. Your Identity

This question may sound a little odd, but you could be one of our direct customers, a customer of one of our business clients, or a visitor using our services for the first time. Regardless of who you are, we protect your personal information in the same way.

The only difference rests on whether we’re making the decision as to how your personal information is handled (which is what we do if you’re a direct customer and visitor) or whether we’re told to handle your personal information (which is our role where you’re a customer of one of our business clients).

In case of the latter, you may wish to go to our business client who provides you with services if you have queries about your personal information (which, in legal language, is called ‘personal data’), as they’ll be primarily responsible for safeguarding your personal information. However, this responsibility passes down to us through the business contracts we have with our business clients.

4. Why We Collect Your Data

Broadly, we collect your personal information to provide you with our services. There are certain pieces of information that we need from you to allow us to carry out our services (for example, to process a transaction request for you).

More specifically, to give effect to the above and to assist you in maximising your registration with us, we also collect, use, and store your information for the following purposes:

• To process your transactions.
• To verify your identity, for example, when we request government-issued identification numbers.
• To improve, personalise, and facilitate your use of our services – for example, when you sign up for a Remit254 account, we may associate certain information with your new account, such as information about prior transactions you made using our services.
• To measure, customise, and enhance our services, including the design, content, and functionality of the mobile application and website.
• To improve our customer services, track and analyse trends, and monitor service usage.
• To send periodic emails, news, and information, or to conduct surveys and collect feedback about our services.
• To communicate with you about products, services, contests, promotions, discounts, incentives, and rewards offered by us and selected partners, based on your communication preferences.
• To administer our internal information processing and other IT systems, protect our rights or property, or ensure the security and integrity of our services.
• To operate our website and services, including ensuring their security.
• To maintain back-ups of our databases and to keep records in accordance with our internal policies, procedures, and applicable law.
• To communicate with you, including delivering the information and support you request, such as technical notices, security alerts, and support or administrative messages.
• To resolve disputes, collect fees, and assist with any issues you may have.
• To comply with applicable laws and regulations, and to establish or defend against legal claims.
• To obtain or maintain insurance coverage, manage risks, or obtain professional advice.
• To comply with our obligations, whether required by law or by written agreements with third parties.
• To enforce the provisions of our Terms of Service or other applicable agreements or policies.
• To investigate, detect, and prevent fraud, security breaches, and other potentially prohibited or illegal activities.

5. Strategies That We Use to Collect Your Personal Data

We collect your personal information either directly from you when you register with us, from our business clients with whom you have a relationship (who may pass on your personal information so that we can help them deliver their services to you), or from financial institutions and third-party verification services.

This verification process occurs when we confirm your identity (as part of our onboarding process) or during your account verification process (e.g., when you call us or make a transaction request).

6. What Kind of Data Do We Need from You?

Your personal information that we collect, store, and use may include:

• Identification Information: Your name, email address, home address, phone number, and date of birth, along with identification details from documents confirming your ID and home address.
• Financial Information: Bank account details, payment card numbers, and bank statements.
• Transaction Information: Data about when and where your transactions occur, names of transacting parties, transaction descriptions, payment or transfer amounts, billing and shipping information, and devices or payment methods used.
• Device Information: Location and specifics of your device, such as hardware model, operating system and version, unique device identifier, mobile network details, and interactions with our services.
• Software Security Data: We may identify other software running on your device for anti-fraud and malware-prevention purposes (but will not collect any content from such software).
• Usage Data: Information about how you use our services, including access times, browser type and language, and Internet Protocol (IP) address.
• Third-Party Data: Information from verification services, credit bureaus, mailing list providers, and publicly available sources (where lawful, this may include your government-issued ID number).
• Cookies & Web Beacons: We may use cookies and web beacons (see our Cookies Policy for details).
• Document Verification: Pictures of your ID, utility bills, and other requested documents.
• Employment Information: Details related to your job and professional background.
• Communications Data: Information contained in any communication you send to us, including metadata and records associated with those communications.
• Survey & Promotion Data: Any additional information you provide when participating in contests, promotions, or surveys offered by us or our partners.

9. Third-party advertising and analytics

We may allow third-party service providers to deliver content and advertisements in connection with our services and to provide anonymous site metrics and other analytics services. These third parties may use cookies, web beacons, and other technologies to collect information, such as your IP address, identifiers associated with your device, other applications on your device, the browsers you use to access our services, webpages viewed, time spent on webpages, links clicked, and conversion information (such as transactions entered into). This information may be used by us and third-party service providers on our behalf to analyze and track usage of our services, determine the popularity of certain content, deliver advertising and content targeted to your interests, and better understand how you use our services. The third-party service providers we engage are bound by confidentiality obligations and applicable laws with respect to their use and collection of your personal information. This Notice does not apply to third-party cookies, web beacons, or other tracking technologies, which are covered by such third parties’ privacy policies.

10. Opting out and deactivation options

If you wish to deactivate your Remit254 Account, you may do so by contacting our customer service. We may retain archived copies of the information and any transactions or services in which you may have participated for a period of time that is consistent with applicable law, or as we believe is reasonably necessary to comply with applicable law, regulation, or legal process, to prevent fraud, to collect fees owed, to resolve disputes, to address problems with our services, to assist with investigations, to enforce our Terms of Service or other applicable agreements or policies, or to take any other actions consistent with applicable law. If you do not consent to collection of the device location information, you may be unable to use our corresponding services. You can stop our collection of location information at any time by changing the preferences on your mobile device. If you do so, some of our mobile applications will no longer function. You may also stop our collection of your location information by uninstalling our mobile application from your device. Some of the cookies we use are stored on your device by us, while others may be stored on your device by third parties who deliver services on our behalf. Most web and mobile device browsers are set to automatically accept cookies by default. However, you can change your browser settings to prevent automatic acceptance of cookies, or to notify you each time a cookie is stored on your device. You may opt out of receiving promotional messages from us by following the instructions in those messages or by changing your notification settings by logging into your Remit254 Account. If you decide to opt out, we may still send you non-promotional communications such as service messages, including digital receipts and updates about your Remit254 Account activities.

11. Protecting your personal data

We take reasonable measures, including administrative, technical, and physical safeguards (which are subject to periodic changes), to protect your information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction. We hold the information at our own premises with the assistance of third-party service providers, or outside our own premises in data hosting facilities where your personal information is encrypted for security. We restrict the access of your personal information to our employees, contractors, and agents who need to know that information to transmit, store, or process it, and these individuals are subject to contractual confidentiality obligations consistent with this Notice, and may be disciplined or terminated if they fail to meet these obligations. Our third-party service providers store and transmit personal information in compliance with this Notice and other appropriate confidentiality and security measures. We’ll hold your personal information for the period in which your account is active. We also hold your information for seven years from the date of your last use of our services, unless otherwise required by applicable law. We do not retain or store your bank card or bank account information unless we’re legally required to do so. We may, however, have to retain your personal information where this is necessary to comply with our legal obligations, for anti-fraud protection purposes, to establish or defend against legal claims, and to protect your vital interests or the vital interests of another person.

12. Your Rights

It’s your personal information and therefore you’re in control of what happens to it. Remember, under applicable laws, you have a number of rights (which we list below in bold), and to exercise them you only need to ask us to deal with your request (which we must do within 30 days). Here are your rights and how we handle your request(s):

• Right to information: You may ask us for details of the personal information we hold about you. You can request details of the purpose of the processing of your personal information, details of the types of personal information we hold about you, and details of precisely whom we have shared your information with. If we receive a request from you to provide you with this information, we’ll do so to the extent permitted by law.
• Right of access: You may ask us for access to your personal information. If we receive a request from you for such access, we’ll provide you with the same to the extent permitted by law.
• Right to rectification: You may ask us to rectify any inaccurate or incomplete personal information we may hold about you. If we receive a rectification request from you, we’ll update our records so that they reflect the new personal information you provide to us.
• Right to erasure: You may ask us to delete your personal information, or to restrict or object to how your personal information is being used. Due to our operational systems and the manner in which we store your personal information, the way in which we observe your right to erasure is not to erase it but instead to anonymise it. This means that your personal information will not be identifiable as belonging to you or in any way link back to you, and it will not be accessible to anybody in our business save as to designated members of our information security team who are under strict confidentiality obligations.
• Right to restriction of processing: You have the right to ask us to restrict the processing of your personal information (for instance, to process your information only to provide our services to you and nothing else such as marketing activities). If we receive a restriction request from you, we’ll restrict the processing of your personal information to determined categories agreed by you.
• Right to data portability: You have the right to receive your information in a structured machine-readable format (for instance in a pdf or excel document) (data portability in tech terms), which will enable you to for instance migrate your personal information elsewhere. If we receive a data portability request from you, we’ll send you all the personal information that we hold on you.
• Right to object: You may object to us processing your personal information in certain circumstances. This includes your right to object to us processing your personal information for direct marketing purposes. If you let us know that you object to us processing your personal information, we’ll action your request insofar as we’re able to do so. To provide our core services to you, we may be unable to observe your request due to the way our systems operate, but where this is the case, you can exercise any of your other rights as you consider appropriate.
• Right to avoid automated decision-making including profiling: You may request for your personal information to not be subject to automated decision-making (that is, processed without any human involvement), or for your personal information not to be subject to profiling (for instance, automated processing to digitally deduce your online choices and preferences) where such activity has significantly affected you. If we receive a request from you asking for your personal information to not be subject to profiling for example, we’ll adhere to this by ensuring that you’re removed from lists where such profiling occurs.
• Right to withdraw consent: We’ll only process your personal information where we have been given permission by you (by virtue of you directly registering with us for a Remit254 Account enabling you to make use of our services) or by consent of our business clients that provide services to you. You have the right to withdraw consent at any time. If we receive a communication from you withdrawing your consent, we’ll cease the processing of your personal information. The exception to this is in instances where we’re obliged to keep your information to comply with a legal obligation, or to establish or defend against legal claims.

How can you contact us to exercise a rights request?

You may exercise any of the rights listed above by sending an email to us at the following email address: dataprotection@remit254.online (our preferred and fastest way for you to make a request). Alternatively, you may use the technical tools and features of your Remit254 Account which will connect you with our customer services team (through our chat function).

13. Contact Us

What if something goes wrong and you’re unhappy?

We’ll always try to address your concerns or queries in a timely manner (within 30 days in any case as we’re legally obliged to do), but if this does not happen, we would ask you to please contact us in the first instance so that we can address the issue at once.

Where you have questions or concerns in relation to any of the topics set out in this Notice, if you have any questions about how we collect, use and store your personal information or our data protection practices please feel free to contact us in any of the following ways:

By email: We have a Data Protection Officer whose responsibility is to ensure the efficient and proper legal handling of your concern, and who is supported by a team handling data protection matters. You can reach our Data Protection Officer by sending an email to dataprotection@remit254.com.

This Notice and Future Amendments

This Notice is effective from 3 March 2025. We may periodically update this Notice and encourage you to check here regularly for the most up-to-date version.

Thank you

Thanks for reading this Notice and thank you very much for your custom.