Skip to main content

Privacy Policy

This Privacy Policy outlines Our policies and procedures regarding the collection, use, and disclosure of Your information when You use Our Service. It also informs You about Your privacy rights and how applicable laws protect You.

By using the Service, You consent to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions

Interpretation

Words with capitalized initials have defined meanings. These definitions apply regardless of whether the words appear in singular or plural form.

Definitions

For the purposes of this Privacy Policy:

  • Account refers to a unique profile created to access Our Service.
  • Affiliate means an entity that controls, is controlled by, or is under common control with Us.
  • Application refers to the Mobimal mobile application provided by the Company.
  • Company (referred to as “We,” “Us,” or “Our”) means Masarat for IT and Financial Services, Tripoli, Libya.
  • Country refers to Libya.
  • Device means any device capable of accessing the Service, including computers, smartphones, and tablets.
  • Personal Data refers to any information related to an identified or identifiable individual.
  • Service refers to the Application and associated functionalities.
  • Service Provider means third parties engaged to process data on Our behalf.
  • Usage Data refers to data collected automatically when using the Service.
  • Add Friend refers to a feature enabling users to scan a QR code to add a beneficiary for money transfers to National Commercial Bank account holders and other banks in Libya.
  • You refers to the individual or entity accessing the Service.

Collecting and Using Your Personal Data

Types of Data Collected

Personal Data

We may collect the following personally identifiable information:

  • Email address
  • First and last name
  • Phone number
  • Usage Data

Usage Data

Usage Data is collected automatically and may include:

  • IP address
  • Browser type and version
  • Pages visited, visit duration, and other analytics
  • Device type and identifiers
  • Mobile operating system details

Information Collected While Using the Application

With Your permission, We may collect:

  • Location Data (used per session only, for ATM/branch locator features)
  • Camera Access (for QR code-based payments)
  • Network Access (to enable transaction processing)
  • SMS Autofill (for OTP verification)

You can enable or disable access to these features at any time via Your device settings.

Money Transfer Service Using IBAN

To facilitate money transfers, We may collect:

  • Sender Information: Name, address, phone number, email
  • Recipient Information: Name, IBAN
  • Transaction Details: Amount, currency, reference (if provided)
  • Identification Verification: (Potential future requirement for compliance)
  • Device Information: Device type and operating system

Use of Your Information:

  • Process transactions securely
  • Verify identity and prevent fraud
  • Provide customer support
  • Comply with regulatory obligations

Information Sharing:

  • Third-Party Service Providers (e.g., payment processors, fraud screening services)
  • Regulatory Authorities (for anti-money laundering (AML) and know-your-customer (KYC) compliance)

Data Security Measures:

We implement safeguards such as:

  • Encryption: Data is encrypted in transit and at rest.
  • Access Controls: Only authorized personnel have access.
  • Regular Security Audits: We conduct periodic assessments to identify vulnerabilities.

Permissions and Access Control

We request permissions solely to provide essential functionalities, including:

  • Location Services (Optional): Find ATMs/branches.
  • Camera Access: QR code-based payments (images not stored).
  • Notifications (Optional): Account activity alerts, security updates.
  • Secure Login: Encrypted data storage for enhanced performance.

You can modify permissions at any time via Your device settings.

ISO 27001 Compliance & Security

As part of Our commitment to information security, We adhere to ISO 27001:2022 standards to ensure confidentiality, integrity, and availability of data. Our security framework includes:

  • Risk Management: Regular risk assessments to identify and mitigate security threats.
  • Data Encryption: Secure encryption methods for data transmission and storage.
  • Incident Response: A structured plan to detect, respond, and recover from security incidents.
  • User Access Controls: Role-based access restrictions to limit data exposure.
  • Audit and Compliance Monitoring: Continuous audits to ensure adherence to regulatory and compliance requirements.

In case of a data breach, We will promptly notify affected users and relevant authorities, as per applicable regulations.

Data Retention

We retain Personal Data only as long as necessary for:

  • Service provision and legal compliance
  • Fraud prevention and dispute resolution
  • Business analytics and service improvement

Usage Data may be retained for a shorter period unless required for security or legal compliance.

Children’s Privacy

Our Service is not intended for individuals under 18. We do not knowingly collect data from minors. If You are a parent or guardian and believe Your child has provided Personal Data, please contact Us for removal.

Your Rights

Depending on Your location and applicable laws, You may have the right to:

  • Access Your Data: Request a copy of the information We hold.
  • Correct Inaccuracies: Update or rectify incorrect information.
  • Restrict Processing: Limit how We use Your data.
  • Deactivation request: request a temporairly deactivate your mobile banking account to proceed and delete it personally in your designated branch.
  • Data Portability: Transfer Your data to another provider.
  • Object to Processing: Opt-out of certain uses, such as marketing.

To exercise these rights, contact Us via the details below.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be notified via email or a prominent notice on Our Service. Please review this policy periodically for updates.

Contact Us

For any questions regarding this Privacy Policy, You can contact Us at: