Gwiza

Your digital piggy bank

Download
Download App

PRIVACY NOTICE

PRIVACY NOTICE FOR GWIZA APPS

Thank you for choosing to be part of our community at MVend Limited (“Mvend”, “we,” “us,” or “Our”). We are committed to protecting your personal information and your right to privacy. If you have any questions or concerns about this privacy notice or our practices concerning your personal information, please contact us at dpo@mvendgroup.com.  

Our Privacy Notice explains how we may collect, use, and disclose the information we obtain through our websites, networks, and applications (collectively, our “Platform”) and other services we provide to institutional  Clients (together with the Platform, our “Services”). It also describes the choices you can make about handling the information and how you can contact us about our privacy practices.

In this privacy notice, if we refer to:

  • Website,” we are referring to any website of ours that references or links to this policy.
  • App,” we are referring to any application of Mvend. “Services,” we are referring to our Website, App, and other related services, including any sales, marketing, or events.

This privacy notice aims to explain to you in the clearest way possible what information we may collect, how we use it, and what rights you have concerning it. If there are any terms in this privacy notice that you disagree with, please discontinue use of our Services immediately.

Please read this privacy notice carefully, as it will help you understand what we do with the information that we collect.

0. Interpretation

In this Notice, the following terms shall have the meaning assigned to them:

  1. Data Subject: a natural person from whom or in respect of whom, personal data has been requested and processed;
  2. User: a natural person, a public or private corporate body, or a legal entity, who uses or requests personal data processing service; 
  3. Personal Data: means any information relating to an identified or identifiable natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, psychological, genetic, mental, economic, cultural, or social identity of that natural person;
  4. Sensitive Personal Data: means any information revealing a person’s race, health status, criminal records, medical records, social origin, religious or philosophical beliefs, political opinion, genetic or biometric information, sexual life, or family details;
  5. Data Controller: means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the way any personal data are or are to be, processed. For this Privacy Policy, we are a Data

Controller of your data;

  • Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, including collection, receipt, recording, organization, structuring, collation, storage; adaptation or alteration, updating, retrieval, consultation, use, dissemination, disclosure through transmission; or otherwise making available, alignment or combination, merging restriction, erasure, destruction, and/or degradation;
  • Data Processor or Service Provider: means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers to process your data more effectively.
  • Notice: MVend limited Privacy Notice

1. INFORMATION WE COLLECT

We may obtain information about you in various ways, such as when you voluntarily provide it to us, in our role as a processor of payment transactions, or when it is automatically sent to us by the device you use to access the Platform.

A. Information We Collect From You

When using the App, you may be requested to share the following types of information with us. This depends on the nature of your interactions with the Services, the options you select, and the products and features you use.

  • Personal Information:

We collect names; phone numbers; email addresses; usernames; passwords; contact preferences; contact or authentication data; debit/credit card numbers; bank account information; billing addresses; ; and other similar information.

  • Payment information:

When submitting a payment through our Platform, we collect information necessary to process the payment, such as debit/credit card number, and security code associated with your payment instrument, and financial account information, such as bank account numbers, and names, you will also need to provide information about the person for whom you are submitting a payment.  ● Media Login Data:

We may provide you with the option to register with us using your existing social media account details, like Google, Facebook, X, LinkedIn, Instagram or other social media accounts. If you choose to register in this way, you authorize us to access certain basic information from your social login provider. This information may include, but is not limited to, your name, email address, profile photo, and any publicly available data, as well as unique identifiers to help us recognize you across sessions. This information allows us to authenticate and manage your account securely, streamline your login experience, and comply with financial industry standards.

By using social login, you agree that we may access and use this information solely for account creation, and authentication, and to provide a seamless user experience. You are responsible for adhering to the terms of the respective social login provider when using their services to access our platform.

 All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

● Messages and Support Requests. 

We collect the information you submit when you communicate with us by email, chat, or other methods. This includes support request where you may submit information regarding a problem, when you contact one of our representatives directly or otherwise engage with our support team. A summary of the problem you are experiencing, screenshots, documentation, or information that would help resolve the issue.

B. Information We collect through our App

If you use our App, we also collect the following information:

  • Geolocation Information:

We may request access or permission to track location-based information from your mobile device, either continuously or while you are using our App, to provide certain location-based services. If you wish to change our access or permissions, you may do so in your device’s settings.

  • Mobile Device Access:

We may request access or permission to certain features from your mobile device, including your mobile device’s camera, contacts, SMS messages, and other features. If you wish to change our access or permissions, you may do so in your device’s settings.

  • Mobile Device Data:

We automatically collect device information (such as your mobile device ID, model, and manufacturer), operating system, version information, system configuration information, device and application identification numbers, browser type and version, hardware model, Internet service provider, and/or mobile carrier, and Internet Protocol (IP) address (or proxy server). If you are using our App, we may also collect information about the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID, and information about the features of our App you accessed.

  • Push Notifications:

We may request to send you push notifications regarding your account or certain features of the App. If you wish to opt out from receiving these types of communications, you may turn them off in your device’s settings.

This information is primarily needed to maintain the security and operation of our App, for troubleshooting, and for our internal analytics and reporting purposes.

C. Information We Collect From Others

We may receive information from others, including:

Financial Institutions and Service Providers. In the course of processing your payment transaction, we may work with several institutions, who we have partnered with, to help us provide our Platform, including banks and non-bank financial institutions such as card processors, electronic money institutions, and payment service providers. To process a payment, a financial institution or service provider may share with us information about the payer’s account such as account name, number, routing code, and other identifying information.

Designated Entities. We may be provided with your name and email address, before you create an account, from the educational institutions, healthcare providers, and other entities for which we serve as a payment agent, in order to contact you to encourage you to make a payment through our Platform. Furthermore, these Designated Entities may use the Platform to communicate with you and manage the receipt of payments.

2. HOW  WE USE INFORMATION WE COLLECTED

We process your personal information for our legitimate business interests, to enter into or perform a contract with you, with your consent, and/or to fulfill our legal obligations (compliance). We use personal information collected via our Services for several business purposes as described below. 

We use the information we collect or receive:

  • Provide and improve the Service;
  • We use your information to verify accounts and activities, to monitor suspicious or fraudulent activities, and to identify violations of policy.
  • Process your payment transaction and keep you informed about the status of your payment;
  • Comply with and enforce applicable legal requirements, industry standards, and our policies;
  • Prevent potentially illegal or prohibited activities and enforce our Terms of Use; ● To facilitate account creation and login process:

If you opt to link your account with us to a third-party account (such as your Google or other accounts), we use the information you allowed us to collect from those third parties to facilitate account creation and login process for the performance of the contract. 

  • To post testimonials:

We post testimonials on our Services that may contain personal information. Before posting a testimonial, we will obtain your consent to use your photos, name, and the content of the testimonial. If you wish to update or delete your testimonial, please contact us at dpo@mvendgroup.com, and include your name, testimonial location, and contact information; ● Request feedback:

We may use your information to request feedback and to contact you about your use of our Services;

  • To enable user-to-user communications:

To manage user accounts and keep it in working order;

To send administrative information to you:

We may use your personal information to send you product, service, and new feature information and/or information about changes to our terms, conditions, and policies; ● To protect our Services:

We may use your information as part of our efforts to keep our Services safe and secure (for example, for fraud monitoring and prevention);

  • To enforce our terms, conditions, and policies for business purposes:

We may enforce our terms, conditions, and policies for business purposes, to comply

with legal and regulatory requirements, or in connection with our contract; ● To respond to legal requests and prevent harm:

If we receive a subpoena or other legal request, we may need to inspect the data we hold to determine how to respond;

  • Fulfill and manage your orders:

We may use your information to fulfill and manage your orders, payments, returns, and exchanges made through the Services;

  • To deliver and facilitate the delivery of services to the user:

We may use your information to provide you with the requested service; ● To respond to user inquiries/offer support to users:

We may use your information to respond to your inquiries and solve any potential issues you might have with the use of our Services;

  • To send you marketing and promotional communications:

We and/or our third-party marketing partners may use the personal information you send us for our marketing purposes if this is in accordance with your marketing preferences. For example, when expressing an interest in obtaining information about us or our Services, subscribing to marketing, or otherwise contacting us, we will collect personal information from you. You can opt-out of our marketing emails at any time.  Deliver targeted advertising to you:

We may use your information to develop and display personalized content and advertising (and work with third parties who do so) tailored to your interests and/or location and to measure its effectiveness;

  • Compare information for accuracy and verify it with third parties;
  • De-identify or aggregate data collected through the Platform and use and disclose it for any purpose; and
  • For other business purposes:

We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and evaluating and improving our Services, products, marketing, and your experience. We may use and store this information in aggregated and anonymized form so that it is not associated with individual end users and does not include personal information.

3.  LEGAL BASIS FOR PROCESSING INFORMATION AND ITS DISCLOSURE

When we Process your Personal Data, we will rely on one of the following legal bases, as appropriate, with regard to the purpose of Processing: 

  • Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.

Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.

  • Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
  • Legal Obligations: We may disclose your information where we are legally required to do so to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
  • Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.

More specifically, we may need to process your data or share your personal information in the following situations:

  • Business Transfers: We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
  • Affiliates: We may share your information with our affiliates, in which case we will require those affiliates to honor this privacy notice. Affiliates include our subsidiaries, joint venture partners, or other companies that we control or that are under common control with us.
  • Business Partners: We may share your information with our business partners to offer you certain products, services, or promotions.
  • Regulatory Bodies: we may share your data as part of our Compliance and KYC Policy to the Regulatory Bodies not limited to the Central Bank of Rwanda, and National Cyber Security Authority.

4.  COOKIES AND OTHER TRACKING TECHNOLOGIES

We may use cookies and similar tracking technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookie Notice.

5. HOW LONG WE KEEP YOUR INFORMATION

We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice, a longer retention period is required or permitted by law (such as tax, accounting, or other legal requirements). We will keep your financial transaction information for ten (10) years as a part of complying with the relevant laws in Rwanda. When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize such information, or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

6. HOW WE KEEP YOUR INFORMATION SAFE

We aim to protect your personal information through a system of organizational and technical security measures. 

We have implemented appropriate technical and organizational security measures designed to protect all personal information we process, where we find it appropriate, storing sensitive personal data separately from other types of data, and applying measures such as tokenization, pseudonymization, or encryption. However, despite our safeguards and efforts to secure your information, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure. Therefore, we cannot promise or guarantee that hackers, cybercriminals, or other unauthorized third parties will not be able to defeat our security and improperly collect, access, steal, or modify your information. Although we will do our best to protect your personal information, the transmission of personal information to and from our Services is at your own risk. You should only access the Services within a secure environment.

7. YOUR RIGHTS

You have certain rights under the applicable data protection laws of Rwanda regarding your information, these may include: 

  • the right to request access and obtain a copy of your personal information: You have the right to request a copy of the personal information that MVend holds about you as permitted by the Law
  • the right to request rectification or erasure:  you have the right to correct the information held about you to ensure it is accurate, relevant, complete, and not excessive. 
  • the right to restrict the processing of your personal information: you have the right to limit Us from processing your data for a given period under the conditions provided by the Law. if the purpose of collecting and processing your information was to comply with the Laws in place, for the public interest, or to meet our contractual obligation to you. In that case, it will not be practicable for you to invoke this right.
  • the right to data portability: You also have the right to request Us in writing or electronically to have your data transmitted to another data controller, where technically feasible, without hindrance.
  • the right to object to processing your personal information. 
  • right to withdraw your consent: If we rely on your consent to process your personal information, you can withdraw your consent at any time. However, this will not affect the lawfulness of the processing before its withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.

To make such a request, please use the contact details provided below. We will consider and act upon any request in accordance with the applicable data protection laws.

(vii)Account Information

If you would at any time like to review or change the information in your account or terminate your account, you can:

  • Log in to your account settings and update your user account.
  • Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use, and/or comply with applicable legal requirements.

(viii) Cookies and Similar Technologies: Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove cookies and reject cookies. If you choose to remove cookies or reject cookies, this could affect certain features or services of our Services. Opting Out of Email Marketing: You can unsubscribe from our marketing email list at any time by clicking on the unsubscribe link in our emails or by contacting us using the details provided below. You will then be removed from the marketing email list. However, we may still communicate with you, for example, to send you service-related emails necessary for the administration and use of your account, to respond to service requests, or for other non-marketing purposes.

To request to review, update, or delete your personal information, please submit a request by sending us an email at: dpo@mvendgroup.com. 

8. UPDATES TO THIS NOTICE

We may update this privacy notice from time to time. The updated version will be indicated by an updated “Revised” date, and the updated version will be effective as soon as it is published on our Services. If we make material changes to this privacy notice, we may notify you either by prominently posting a notice of such changes or by directly sending you a notification. We encourage you to visit our websites to check whether there has been any modification to this privacy notice. 

9. HOW YOU CAN  CONTACT US ABOUT THIS NOTICE

If you have any questions or concerns regarding this  Privacy Notice and would like further information about how we protect your information, you may contact our Data Protection Officer (DPO) by:

  • sending us an email at dpo@mvendgroup.com, 
  • phone call: +250787096502, or 
  • post at: MVend Limited Head Offices, 1st Floor, Tele10 Building, 1 KG 230 ST, Nyarutarama, Gishushu, Remera, Gasabo,  Kigali- Rwanda.

Stay Updated

Subscribe to our newsletter for: (Smart financial tips, Latest product updates, Inspiring stories from our customers)

© Gwiza 2025

Company

About Us

Our App

Careers

Help

Customer support

Video Tutorials

FAQ’s

Resources

Privacy Notice

Reports

Blog

Contact Us

support@mvendgroup.com

+250787096502

© Gwiza 2025

Gwiza is a product of MVend. MVend is licensed by the National Bank of Rwanda as a PSP. © 2018 – 2023 Gwiza. A product of MVend. All rights reserved.

Registered & Operating Across East Africa and Beyond

Gwiza is proudly present in Rwanda, Zambia, Uganda, and Burundi with regional offices supporting our mission to make digital finance accessible to everyone. We operate across East Africa with offices in:

Rwanda HQ:  3 KG 230 ST, Kigali
Zambia Office: Kabulonga 218 Alick Nkhata Road
Uganda Office: Plot 135 Ntinda Road, Kampala
Burundi Office: Tele10 Building, Bujumbura

Scroll to Top