Back to Home

Privacy Policy

Last updated: January 15, 2026

Our Commitment: At Habib, we believe your personal data belongs to you. We collect only what's necessary to provide our services, and we never sell your data to third parties.

Information We Collect

When you use Habib, we collect information to provide and improve our services:

  • Account Information: Name, email address, phone number when you register
  • Identity Verification: Government ID and selfie for KYC/AML compliance (required for trading)
  • Financial Information: Bank account or M-Pesa details for donations and payouts
  • Transaction Data: Donation history, investment activity, Zakat calculations
  • Device Information: IP address, browser type, device identifiers for security
  • Usage Data: How you interact with our app to improve user experience

How We Use Your Information

  • Service Delivery: Process donations, execute trades, calculate Zakat
  • Security: Protect your account and detect fraudulent activity
  • Compliance: Meet legal and regulatory requirements (KYC/AML)
  • Communication: Send transaction confirmations, receipts, and important updates
  • Improvement: Analyze usage patterns to enhance our platform

Data Security

We implement industry-standard security measures to protect your data:

  • 256-bit SSL/TLS encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • Two-factor authentication (2FA) available for all accounts
  • Regular security audits and penetration testing
  • SOC 2 Type II compliance (in progress)

Data Sharing

We share your information only in these circumstances:

  • With Charities: When you make a donation, we share your name and contact details with the recipient charity (unless you choose anonymous)
  • Payment Processors: M-Pesa, Stripe, and banks to process transactions
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Service Providers: Cloud hosting, analytics, customer support (under strict data protection agreements)

We Never: Sell your personal data to advertisers, data brokers, or any third parties. Your financial information is never shared for marketing purposes.

Data Retention

  • Account Data: Retained while your account is active, deleted within 30 days of account closure
  • Transaction Records: Retained for 7 years for tax and regulatory compliance
  • KYC Documents: Retained for 5 years after account closure (regulatory requirement)
  • Usage Logs: Automatically deleted after 90 days

Your Rights

Under applicable data protection laws, you have the right to:

  • Access: Request a copy of all personal data we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your data (subject to legal retention requirements)
  • Portability: Receive your data in a machine-readable format
  • Objection: Opt out of marketing communications at any time

Contact Us

For privacy-related inquiries or to exercise your rights:

  • Email: privacy@habib.app
  • Address: Habib Technologies Ltd, Westlands, Nairobi, Kenya
  • Data Protection Officer: dpo@habib.app

This privacy policy may be updated periodically. We will notify you of significant changes via email or in-app notification. Continued use of Habib after changes constitutes acceptance of the updated policy.