Privacy Policy
This Privacy Policy outlines Our policies and procedures regarding the collection, use, and disclosure of Your information when You use Our Service. It also informs You about Your privacy rights and how applicable laws protect You.
By using the Service, You consent to the collection and use of information in accordance with this Privacy Policy.
Interpretation and Definitions
Interpretation
Words with capitalized initials have defined meanings. These definitions apply regardless of whether the words appear in singular or plural form.
Definitions
For the purposes of this Privacy Policy:
- Account refers to a unique profile created to access Our Service.
- Affiliate means an entity that controls, is controlled by, or is under common control with Us.
- Application refers to the Mobimal mobile application provided by the Company.
- Company (referred to as “We,” “Us,” or “Our”) means Masarat for IT and Financial Services, Tripoli, Libya.
- Country refers to Libya.
- Device means any device capable of accessing the Service, including computers, smartphones, and tablets.
- Personal Data refers to any information related to an identified or identifiable individual.
- Service refers to the Application and associated functionalities.
- Service Provider means third parties engaged to process data on Our behalf.
- Usage Data refers to data collected automatically when using the Service.
- Add Friend refers to a feature enabling users to scan a QR code to add a beneficiary for money transfers to National Commercial Bank account holders and other banks in Libya.
- You refers to the individual or entity accessing the Service.
Collecting and Using Your Personal Data
Types of Data Collected
Personal Data
We may collect the following personally identifiable information:
- Email address
- First and last name
- Phone number
- Usage Data
Usage Data
Usage Data is collected automatically and may include:
- IP address
- Browser type and version
- Pages visited, visit duration, and other analytics
- Device type and identifiers
- Mobile operating system details
Information Collected While Using the Application
With Your permission, We may collect:
- Location Data (used per session only, for ATM/branch locator features)
- Camera Access (for QR code-based payments)
- Network Access (to enable transaction processing)
- SMS Autofill (for OTP verification)
You can enable or disable access to these features at any time via Your device settings.
Money Transfer Service Using IBAN
To facilitate money transfers, We may collect:
- Sender Information: Name, address, phone number, email
- Recipient Information: Name, IBAN
- Transaction Details: Amount, currency, reference (if provided)
- Identification Verification: (Potential future requirement for compliance)
- Device Information: Device type and operating system
Use of Your Information:
- Process transactions securely
- Verify identity and prevent fraud
- Provide customer support
- Comply with regulatory obligations
Information Sharing:
- Third-Party Service Providers (e.g., payment processors, fraud screening services)
- Regulatory Authorities (for anti-money laundering (AML) and know-your-customer (KYC) compliance)
Data Security Measures:
We implement safeguards such as:
- Encryption: Data is encrypted in transit and at rest.
- Access Controls: Only authorized personnel have access.
- Regular Security Audits: We conduct periodic assessments to identify vulnerabilities.
Permissions and Access Control
We request permissions solely to provide essential functionalities, including:
- Location Services (Optional): Find ATMs/branches.
- Camera Access: QR code-based payments (images not stored).
- Notifications (Optional): Account activity alerts, security updates.
- Secure Login: Encrypted data storage for enhanced performance.
You can modify permissions at any time via Your device settings.
ISO 27001 Compliance & Security
As part of Our commitment to information security, We adhere to ISO 27001:2022 standards to ensure confidentiality, integrity, and availability of data. Our security framework includes:
- Risk Management: Regular risk assessments to identify and mitigate security threats.
- Data Encryption: Secure encryption methods for data transmission and storage.
- Incident Response: A structured plan to detect, respond, and recover from security incidents.
- User Access Controls: Role-based access restrictions to limit data exposure.
- Audit and Compliance Monitoring: Continuous audits to ensure adherence to regulatory and compliance requirements.
In case of a data breach, We will promptly notify affected users and relevant authorities, as per applicable regulations.
Data Retention
We retain Personal Data only as long as necessary for:
- Service provision and legal compliance
- Fraud prevention and dispute resolution
- Business analytics and service improvement
Usage Data may be retained for a shorter period unless required for security or legal compliance.
Children’s Privacy
Our Service is not intended for individuals under 18. We do not knowingly collect data from minors. If You are a parent or guardian and believe Your child has provided Personal Data, please contact Us for removal.
Your Rights
Depending on Your location and applicable laws, You may have the right to:
- Access Your Data: Request a copy of the information We hold.
- Correct Inaccuracies: Update or rectify incorrect information.
- Restrict Processing: Limit how We use Your data.
- Deactivation request: request a temporairly deactivate your mobile banking account to proceed and delete it personally in your designated branch.
- Data Portability: Transfer Your data to another provider.
- Object to Processing: Opt-out of certain uses, such as marketing.
To exercise these rights, contact Us via the details below.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Changes will be notified via email or a prominent notice on Our Service. Please review this policy periodically for updates.
Contact Us
For any questions regarding this Privacy Policy, You can contact Us at:
- Email: support@masarat.ly
- Phone: 0900300900