Privacy Policy

1. Introduction

Welcome to Daret, a rotating credit and savings association (ROSCA) application developed by EAF microservice. This Privacy Policy describes how we collect, use, store, and protect your personal information when you use our mobile application.

By using Daret, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our application.

2. Information We Collect

We collect several types of information to provide and improve our service to you:

2.1 Personal Information

• Account Information: Name, email address, phone number, and profile picture
• Authentication Data: Login credentials and authentication tokens (including Google Sign-In data)
• Financial Information: Bank account details (account number, bank name, IBAN) for payment processing within groups
• Contact Information: Access to your device contacts to facilitate inviting friends to your savings groups

2.2 Usage and Technical Data

• Device Information: Device type, operating system, unique device identifiers
• App Activity: Payment history, group memberships, turn assignments, notification preferences
• Analytics Data: App usage patterns, crash reports, and performance data

2.3 User-Generated Content

• Group names and descriptions you create
• Messages and notifications within the app
• Payment confirmations and transaction records

3. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To create and manage your account, facilitate group savings, process payment requests, and assign turns
• Communication: To send you notifications about payment due dates, group invitations, payment confirmations, and app updates
• Payment Processing: To display bank account information to group members when payment is due and track payment confirmations
• App Improvement: To analyze usage patterns, fix bugs, improve performance, and develop new features
• Security: To detect and prevent fraud, unauthorized access, and other security issues
• Legal Compliance: To comply with applicable laws, regulations, and legal processes

4. Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

4.1 With Other Users

When you join a savings group, other group members can see your name, profile picture, payment status, and bank account details (when it's your turn to receive payment).

4.2 Service Providers

• Firebase/Google: For authentication, database storage (Firestore), and app analytics
• Cloud Storage: For secure data backup and synchronization

4.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to protect our rights, property, or safety.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

We implement industry-standard security measures to protect your personal information:

• Encryption: Data transmission is encrypted using TLS/SSL protocols
• Firebase Security: We use Firebase Authentication and Firestore security rules to protect your data
• Access Controls: Limited access to personal information on a need-to-know basis
• Regular Monitoring: Continuous monitoring for security vulnerabilities and threats

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this Privacy Policy:

• Active Accounts: Data is retained while your account is active
• Legal Obligations: We may retain certain data to comply with legal requirements
• Account Deletion: Upon account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law

7. Your Rights and Choices

You have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Update or correct inaccurate information through the app settings
• Deletion: Request deletion of your account and associated data
• Withdrawal of Consent: Revoke permissions for contact access or notifications
• Data Portability: Request a copy of your data in a machine-readable format

To exercise these rights, please contact us using the information provided below.

8. Third-Party Services

Our app uses the following third-party services that may collect information:

• Google Sign-In: For authentication (governed by Google's Privacy Policy)
• Firebase Services: For authentication, database, and analytics (governed by Google's Privacy Policy)
• Google Fonts: For typography (minimal data collection)

We are not responsible for the privacy practices of these third-party services. We encourage you to review their privacy policies.

9. Children's Privacy

Daret is not intended for users under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child under 18, please contact us immediately, and we will take steps to delete such information.

10. International Data Transfers

Your information may be transferred to and stored on servers located outside your country of residence. By using Daret, you consent to the transfer of your information to countries that may have different data protection laws than your country.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by:

• Posting the updated policy within the app
• Sending a notification through the app
• Updating the "Last Updated" date at the top of this policy

Your continued use of Daret after changes are posted constitutes your acceptance of the updated Privacy Policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: