Privacy Policy

Kuda EMI Limited (“Kuda UK”) respects your privacy and protecting your personal data is paramount. As a financial services provider, we take data security extremely seriously and we make sure we have appropriate security measures in place to prevent your personal data from being accidentally lost and from unauthorised use and access. Please read this Privacy Policy carefully as it explains our practices regarding your personal data and how we will treat it. This Privacy Policy (together with our Cookie Policy) sets out how we collect and processes your personal data.

This Privacy Policy will inform you about your privacy rights and how the law protects you.

It is important that you read this Privacy Policy together with any other Privacy Policy or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

References in this Privacy Policy and on our website and Mobile Application to “we”, “our” or “us” are references to Kuna UK. References to “you” and “your” means each natural or legal person who interacts with us, uses our website or the products and services we provide.

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

  • Legal entity: Kuda EMI Limited
  • Data Protection Officer: Charles CHAN
  • Email address: dataprotectionuk@kuda.com
  • Postal Address: 5 New Street Square, London, United Kingdom, EC4A 3TW

You have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues www.ico.org.uk/esdwebpages/search). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance using the email address above. Our registration number is 13724208.

For the purpose of the applicable data protection legislation (meaning, prior to 25 May 2018 the Data Protection Act 1998 and from 25 May 2018 the General Data Protection Regulation and any legislation which implements it) (the “Data Protection Legislation”).

We keep our Privacy Policy under regular review. This version was last updated in [April 2022].

It is important that the personal data we hold about you is accurate and current. Please keep us informed if any of the details you provide to us should change, during the course of your relationship with us.

1. Information we collect and process about you

  • We may collect and process the following personal data about you:
    • Personal Data

      The data we collect about you. You may give us information about you when you register with our website www.kuda.com or our Mobile Application or by communicating with us by phone, email or otherwise. This may include data that we receive when you create a profile on our website and App. This also includes information you provide when you subscribe to our services, provide us with feedback, participate in surveys, and when you report a problem with our website and Mobile Application. The information you give us may include your name, address, email address, phone numbers, date of birth, marital status, identity documents, username (or similar identifier). This may include financial data relating to your means and method of payment such as your bank and card details. It may include salary, job title and company information. It may include data relating to the transactions you have carried out with us, such as details about payments. If you engage with us through social media then this may also include your social media contact details.

    • Information we collect about you when you communicate with us by phone, email, post, in person or otherwise, and when you use our products and services. We collect engagement metric information such as information about how, when and how often you contacted us, and how, when and how often you responded to communications from us and about how and when you use our products and services. It could include your preferences in relation to whether or not you want to receive marketing from us and our third-party partners and also your communication preferences.
    • Information we collect about you if you use our website, Mobile Application or interact with us over the internet, including via social media. Each time you visit our website or interact with us we may automatically collect the following information: (a) technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; (b) information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
    • Information we collect about you from publicly available sources. This may include information available from social media (depending on your settings and the applicable Privacy Policies), including social media engagement metrics such as numbers of connections, followers and clicks, and information from resources such as Companies House.
    • Information we receive from other sources. We may receive further information about you if you use any of the services we provide. We work closely with third parties (including, for example, business partners, service providers, identity verification providers) and may receive information about you from them. We may combine information we receive from these other sources with information you give to us and information we collect about you.
    • We may monitor or record telephone conversations or other communications between you and us and keep recordings or transcripts of them and, if you contact us, we may keep a record or copy of that correspondence.
    • Financial information, such as data related to your mobile money account and payment method that we may collect when you purchase, order, return, exchange, or request information about our services from the Application. Please note that we store only very limited, if any, financial information that we collect in line with regulatory requirements for safeguarding such information. Otherwise, all financial information is stored by our payment processor.
    • Mobile Device Data Information such as your mobile device ID number, model, and manufacturer, version of your operating system, phone number, country, location, and any other data you choose to provide.
    • Push Notifications We may request to send you push notifications regarding your account or the Application. If you wish to opt-out from receiving these types of communications, you may turn them off in the application under the settings tab.
  • We also collect, use and share aggregated data such as statistical or demographic data. Aggregated data may be derived from your personal data, but it is not considered personal data under the Data Protection Legislation as it does not directly or indirectly identify you. If at any time we combine any aggregated data with your personal data so that it can identify you, we treat the combined data as personal data, which we will use and process in accordance with this Privacy Policy.
  • Where we need to collect personal data by law or under the terms of a contract, we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you.

    Where we are acting as an agent and we need to collect personal data to enter you into a contract with the supplier, we may not be able to take steps to enter you into that contract if you fail to provide the data when requested.

    In other words, where we require details from you in order to provide you with your chosen services, if you do not provide us with the necessary details then we will not be able to provide (or arrange for the provision of) the services you want.

2. Cookies

We and our service providers collect information about your use of our website and mobile application from cookies. For information about our use of cookies and how to decline them please read our Cookie Policy.

3. Purposes and legal basis for using your personal data

  • Where you have requested that we provide a specific product or service to you, or you otherwise make use of those products or services, we will process your personal data to perform our contract with you and provide that product or service..
  • We also use the personal data we hold about you to pursue our legitimate interests in providing and marketing our products and services to you, improving our website, services and interactions with you and other users of our products and services in the following ways:
    • administer your account and relationship with us and to, communicate with you by telephone, mail, email, text (SMS) message, instant messaging or other electronic means;
    • verify your identity as part of our identity authentication process and to prevent, detect and prosecute fraud and crime and comply with legal or regulatory requirements;
    • provide you with information about the products and services that you request from us;
    • provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about;
    • provide you with information about products or services we feel may interest you or be best for you;
    • your data may be shared with product or service providers to validate if you are an existing customer (which may affect whether you can be accepted for one of their products) or for fraud prevention purposes. The product or service provider does not have permission to use these data for any other purpose including marketing.
    • notify you about changes to our services;
    • ensure that content from our website is presented in the most effective manner for you and your device;
    • aggregate it on an anonymous basis with other data for data analytical and reporting purposes;
    • to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
    • to build up a picture of your interests so that you don’t miss information relevant to you when you visit our website;
    • to improve the service we offer you and to try and ensure that you get the best from our website in the short term, for example by providing you with relevant search results;
    • to improve the service we offer you and to try and ensure that you get the best from our website over the longer term, for example by understanding how you and other users interact with our website
    • to allow you to participate in interactive features of our service, when you choose to do so;
    • as part of our efforts to keep our website safe and secure;
    • to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
    • to make suggestions and recommendations (both through the website and other channels, such as email) to you and others about products or services that we think may interest you or them based on your and their usage patterns both on our website and in relation to our communications with you and them on other channels (such as email);
    • for training and quality purposes;
    • to check any instructions you give to us and for the purposes of investigating any complaint you may make, or as evidence in any dispute or anticipated disputes between you and us.
  • We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
  • In some cases we may also use the personal data we hold about you to comply with our legal obligations, or enter into or perform a contract with you.
  • Where we have your consent, we may also send you direct marketing communications (for example, by email). You can withdraw this consent at any time as described in section 6 below.

4. Automated Decision Making

We use an automated decision-making system to determine whether a user has provided appropriate authentication to engage with the application, including verification of Personally Identifiable Information (“PII”). This includes: (i) matching PII against national databases, publicly available information, sanctions lists, lists of politically exposed persons and other databases that provide information on potentially illegal activity; (ii) comparison by facial recognition of your selfie image against the image provide with your identification document or other database containing your image; and (iii) tracking your PII in the context of automated monitoring of transactions undertaken by you to look for potentially fraudulent or illegal activity. In the event that we receive an automated report that there is a discrepancy, insufficiency or inaccuracy in the information provided by you, we receive a response from a service provider that your information appears on a list that prohibits our engaging with you, suggests the potential for fraudulent or illegal activity, or if our automated transaction monitoring uncovers the potential for your transactions to be fraudulent or illegal, our compliance and customer service teams will engage to review the background information that generated the automated response and determine if the information provided about you is incorrect and we can proceed to either onboard you as a user or continue to allow your use of the Application and if there is still a need for additional information, we may contact you (most likely via SMS message or email) to seek additional information or clarification. If we are unable to continue with you as a user on our platform, we may provide you with the basis for the decision.

You have the right not to be subject to a decision based solely on automated processing, including profiling, which has legal consequences for you or similarly significant effects. While we’re confident that the technology works, we understand that not everyone is comfortable with decisions being left entirely up to machines. You have the right to object to an automated decision and ask that a person reviews it and/or to ask that we do not make our decision based on the automated score alone. If you want to know more about these rights or have any questions about our automated decision-making processes, please contact us using the details at the end of this Privacy Policy.

5. Who your data can be disclosed to

  • Disclosure of your data to others may be necessary to ensure the smooth provision to you of the products, services and information you request. Your data may be disclosed to the other entities as described below.
  • We may share your personal information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
  • We may share your information with selected third parties including:
    • Fraud prevention agencies, to prevent crime and trace those responsible;
    • Identity verification providers, to comply with legal or regulatory requirements;
    • pub-contractors for the performance of any contract we enter into with you including Credit Reference Agencies;
    • Analytics and search engine providers that assist us in the improvement and optimisation of our website and App;
    • IT and software providers who supply us with our IT infrastructure for the provision of our services and administering our business (including our internal and external communications) and who also help us manage our customer and contact databases, customer relationships and marketing.
  • We may disclose your personal information to third parties if:
    • we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
    • Kuda UK or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets; and
    • we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply any contract with you and other agreements; or to protect the rights, property, or safety of Kuda UK, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud and other crime prevention and detection.
  • We have processes and systems that protect our customers and ourselves against fraud and other crimes. Customer information can be used to prevent crime and trace those responsible. We will share your personal information with fraud prevention agencies. If false or inaccurate information is provided and fraud is identified, details of this fraud will be passed to these agencies. Law enforcement agencies may access and use this information. Other organisations may also access and use this information to prevent fraud and money laundering, for example when checking details on applications for financial services, or checking details of job applicants and employees.
  • We and other organisations may access and use the information recorded by fraud prevention agencies from other countries.
  • We review all our relationships with third parties carefully so that we can be sure as possible that their practices match our own commitments to you relating to privacy and security. We also comply with the Data Protection Legislation in our dealings with these third parties to ensure that your information is appropriately protected.
  • We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.

6. Direct marketing and how you can change your preference

  • Where we have your consent we may send direct marketing communications to you, including by email, telephone or SMS or mail.
  • Whenever you receive direct marketing from us you will be told how you can unsubscribe so that you no longer receive it. When we communicate with you via email you will also be given the opportunity to set or amend any preferences that you have indicated to us.
  • You are also able at any time to withdraw any consent to receive marketing communications that you have given to us. You can do this by contacting us at dataprotectionuk@kuda.com. Details of how to contact us can also be found at kuda.com/uk.

    Please provide us with your full name, address and other contact details to enable us to find your records. Sometimes we may also need to contact you further to ask you for additional information so that we can comply with your request.

7. Where we store and transfer your data

  • Where we store your information ourselves it is stored on our secure servers in the European Economic Area (EEA). However, where we share your information with third parties this may involve transferring it to a country outside the EEA. This may include countries that do not have data protection laws that are as strong as those in the UK or the EEA. Where we do this we will take the steps required under the Data Protection Legislation to ensure that your information is appropriately protected. If you would like any further information about this then please contact us.
  • Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access, loss or damage.

8. How long we keep your information for

  • How long we keep your information will depend on the purpose for which we use it and so may vary. We will only retain your information for as long as is necessary for the purposes set out in this Privacy Policy and as is necessary to comply with our legal obligations. We do not keep more information than we need for a particular purpose.
  • Where we have provided you with a product or service we will keep an archived record of your personal data for a period of up to 6 years after termination (unless a longer period is prescribed by law) for the purposes of responding to legal disputes and legal or regulatory enquiries or investigations only, but will not use this data for any other purpose.
  • In order to ensure that we provide reliable and effective products and services, and to comply with our regulatory obligations, we regularly make back-up copies of our data. If we have provided any products or services to you then this will include your personal data. Where we delete your personal data from our systems, for whatever reason, then a copy may be retained in our data back-ups for a period of up to 90 days afterwards. These are kept securely and only accessed in order to delete old versions or in the event of an emergency which means we have to utilise a back-up copy to reinstate data on our active systems. Where we have to do this we will work to ensure as soon as we reasonably can that the copy of the data that has been used to reinstate data on our active systems is updated to take account of any previous amendments and deletions regarding your personal data.
  • If you ask us to stop sending direct marketing communications to you (see section 5, above), we will keep the minimum amount of information necessary (such as your name and email address) to ensure that we are able to adhere to your request. We also routinely seek to minimise the amount of personal data we hold where any marketing contact is deemed inactive. We deem a contact to be inactive if we have not been able to identify any engagement (e.g. through opening an email or visiting our website) for a period of 12 months or if an email is not delivered due to a hard bounce. In such circumstances, we will anonymise all relevant data for aggregation purposes, with the exception of an email address. This does not affect your rights as set out in section 5 and section 9 of this Privacy Policy.
  • In some circumstances, we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

9. Third-party websites

Our website and Kuda Mobile Application may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own Privacy Policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.

10. Your legal rights

  • Under the Data Protection Legislation, you have certain rights in respect of the personal data we hold about you. These may include rights to: request a copy of the personal data that we hold, request that we correct personal data if it is inaccurate, request that we erase or block your personal data, and to object to our processing of your personal data. These rights are limited in some situations. For example, if we have a legal requirement or a compelling legitimate ground we may continue to process your data even where you request its deletion.
  • If you would like to exercise any of these rights, please contact us using the details in the Contact section.
  • You also have the right to make a complaint if you feel your personal data has been mishandled. You are entitled to complain directly to the Information Commissioner’s Office (ICO) (if you are in the UK), or to your local data protection authority (if you are outside the UK).
  • You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
  • We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

11. Changes to our Privacy Policy

Any changes we may make to our Privacy Policy in the future will be posted on this page and, where we consider it appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Policy.

12. Contact

Questions, comments, and requests regarding this Privacy Policy should be addressed to dataprotectionuk@kuda.com. Details of how to contact us can also be found at kuda.com/uk.

We’re the money app for Africans.

Deposit, spend and send money across borders