Privacy Policy

Effective Date: June 2022
Last Updated: March 2026

Anbesa Bank ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use our lending products, including our mobile applications, websites, portals, APIs, and related services (collectively, the "Services").

By accessing or using our Services, you acknowledge that you have read and understood this Privacy Policy.

1. Scope of This Policy

This Privacy Policy applies to information we collect from:

• loan applicants and borrowers;
• users of our mobile apps and web platforms;
• guarantors, referees, or emergency contacts where applicable;
• merchants, agents, partners, and service providers using our lending ecosystem.

2. Information We Collect

We may collect the following categories of information:

2.1 Personal Identification Information

• full name;
• date of birth;
• gender;
• national ID, passport, tax ID, or other identification details;
• photograph or selfie for identity verification;
• signature and KYC verification records.

2.2 Contact Information

• phone number;
• email address;
• physical address;
• postal address;
• next-of-kin, referee, or emergency contact details where required.

2.3 Financial and Lending Information

• bank account details;
• mobile money wallet details;
• income, employment, and business information;
• loan application details;
• repayment history and outstanding balances;
• transaction history related to our Services;
• credit history and creditworthiness data from credit bureaus or similar providers.

2.4 Device and Technical Information

• device model, operating system, and app version;
• IP address and browser type;
• device identifiers;
• log files, crash reports, diagnostics, and usage data;
• network and session metadata.

2.5 Location Information

We may collect approximate or precise location information where permitted by law and where necessary for fraud prevention, service delivery, branch/agent discovery, risk assessment, or regulatory compliance.

2.6 Communications and Support Data

• messages sent through the app, website, email, chat, or call center;
• customer support interactions and complaint records;
• call recordings where legally permitted and appropriately disclosed.

2.7 Information from Third Parties

• credit reference bureaus;
• identity verification providers;
• payment processors and financial institutions;
• employers, merchants, telecom operators, agents, or other partners;
• public databases, sanctions lists, fraud databases, and regulatory sources.

3. How We Collect Information

We collect information in several ways, including when you:

• create an account or submit a loan application;
• upload documents or complete KYC checks;
• make repayments or use financial features in the app;
• communicate with our support team;
• browse our website or use our mobile application;
• interact with us through merchants, agents, employers, or partners;
• provide consent for data access where required.

4. How We Use Your Information

We may use your personal information for the following purposes:

• to register and manage your account;
• to process and assess loan applications;
• to verify your identity and perform KYC/AML checks;
• to evaluate affordability, eligibility, and credit risk;
• to disburse loans and process repayments;
• to detect, prevent, and investigate fraud, abuse, and security incidents;
• to comply with legal, regulatory, and audit obligations;
• to communicate with you about your account, transactions, and support requests;
• to improve our products, analytics, user experience, and risk models;
• to enforce our terms, agreements, and internal policies;
• to send service-related notices and, where permitted, marketing communications.

5. Legal Bases for Processing

Depending on the applicable law, we may process your information on one or more of the following grounds:

• your consent;
• performance of a contract or pre-contractual steps at your request;
• compliance with legal and regulatory obligations;
• our legitimate interests, including service improvement, fraud prevention, and debt recovery;
• protection of vital interests or public interest, where applicable.

6. Automated Decision-Making and Credit Assessment

We may use automated tools, scoring models, and internal risk rules to help assess loan applications, determine credit limits, detect fraud, and support responsible lending decisions. These tools may use information you provide directly, information obtained from third parties, and information derived from your use of our Services.

Where required by applicable law, you may have the right to request human review of certain automated decisions, to express your point of view, and to contest a decision.

7. Sharing and Disclosure of Information

We may share your information with:

• our affiliates, subsidiaries, and group companies;
• banks, payment processors, and mobile money providers;
• credit bureaus, identity verification providers, and fraud prevention services;
• technology vendors, cloud providers, analytics tools, and customer support platforms;
• collection agencies, insurers, auditors, lawyers, and professional advisers;
• regulators, courts, law enforcement agencies, and government authorities where required;
• merchants, employers, guarantors, or partners where necessary for product delivery or compliance.

We do not sell your personal information to third parties unless expressly disclosed and permitted by applicable law.

8. Cookies and Similar Technologies

Our websites and digital platforms may use cookies, SDKs, pixels, local storage, and similar technologies to:

• maintain sessions and authentication;
• remember preferences;
• analyze traffic and product performance;
• improve security and fraud monitoring;
• support marketing and attribution where legally permitted.

You may manage cookies through your browser settings, though disabling certain cookies may affect service functionality.

9. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes described in this Privacy Policy, including for legal, accounting, regulatory, audit, dispute resolution, fraud prevention, and enforcement purposes.

Retention periods may vary depending on the type of information, the nature of your relationship with us, and the legal requirements that apply to lending, financial reporting, and anti-money laundering compliance.

10. Data Security

We implement reasonable administrative, technical, and organizational safeguards designed to protect personal information against unauthorized access, loss, misuse, alteration, disclosure, or destruction. These measures may include:

• encryption in transit and at rest where appropriate;
• access controls and role-based permissions;
• monitoring, logging, and fraud detection systems;
• secure development and infrastructure practices;
• staff training and confidentiality obligations.

No system is completely secure, and we cannot guarantee absolute security.

11. International Data Transfers

Your personal information may be processed or stored in countries other than your own, including where our service providers or infrastructure are located. Where cross-border data transfers occur, we take reasonable steps to ensure appropriate safeguards are in place in accordance with applicable law.

12. Your Rights

Depending on your jurisdiction, you may have the right to:

• access the personal information we hold about you;
• request correction of inaccurate or incomplete information;
• request deletion of your information, where legally permitted;
• object to or restrict certain processing activities;
• withdraw consent where processing is based on consent;
• request portability of your data where applicable;
• request review of certain automated decisions;
• lodge a complaint with a regulator or data protection authority.

We may need to verify your identity before processing certain requests. Some rights may be limited where we are legally required to retain or continue processing your information.

13. Children's Privacy

Our Services are not intended for children unless specifically stated otherwise and supported by lawful grounds. We do not knowingly collect personal information from children in violation of applicable law. If you believe a child has provided us with personal information unlawfully, please contact us so we can take appropriate action.

14. Third-Party Services and Links

Our Services may contain links to third-party websites, apps, or services. We are not responsible for the privacy practices, content, or security of those third parties. We encourage you to review their privacy notices before providing any information to them.

15. Marketing Communications

Where permitted by law, we may send you promotional or educational communications about our products, offers, updates, or partner services. You may opt out of non-essential marketing communications at any time using the unsubscribe option provided or by contacting us directly.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our business, technology, legal obligations, or product offerings. When we make material changes, we will update the "Last Updated" date and may provide additional notice through our app, website, email, or other appropriate channels.

17. Contact Us

If you have questions, requests, or complaints regarding this Privacy Policy or our data handling practices, please contact us at:

Anbesa Bank
Email: [email protected]
Phone: 8803
Address: Athlete Haile G/Selassie Avenue, Lex Plaza Bldg. Addis Ababa, Ethiopia