OGNIMOHUB MFS Privacy Policy Version 2.6 | Effective Date: May 12, 2026 | Classification: Public |
YOUR PRIVACY AT A GLANCE |
We collect data to provide and improve our services. We do not sell your personal data. You have the right to access, correct, and delete your data at any time. We use industry-standard security to protect your information. This Policy explains everything clearly — we encourage you to read it in full. |
Table of Contents
Section | Title |
|---|---|
1 | Introduction and Who We Are |
2 | Scope of This Policy |
3 | Data We Collect and How We Collect It |
4 | Legal Bases for Processing Personal Data |
5 | How We Use Your Personal Data |
6 | Data Sharing and Disclosure |
7 | Cookies and Tracking Technologies |
8 | Data Retention |
9 | International Data Transfers |
10 | Your Data Subject Rights |
11 | Children's Privacy |
12 | Security of Your Personal Data |
13 | Third-Party Links and Services |
14 | Special Categories of Data |
15 | Automated Decision-Making and Profiling |
16 | Marketing Communications |
17 | Changes to This Privacy Policy |
18 | Contact Us and the Data Protection Officer |
1. Introduction and Who We Are
Ognimohub MFS ("Ognimohub", "we", "us", or "our") is a fintech and digital services company providing Mobile Finance Services (MFS), IT Solutions, e-Learning, and Digital Marketing services through our digital platforms and applications. We are committed to protecting the privacy and personal data of every individual who interacts with us.
This Privacy Policy explains who we are, what personal data we collect, why we collect it, how we use and protect it, who we share it with, how long we retain it, and what rights you have over your personal data. It applies to all users of Ognimohub's platforms, applications, websites, and services, including ognimohub.com and all associated digital properties.
We process personal data as a data controller, meaning we determine the purposes and means by which your personal data is processed. Where we process data on behalf of business clients, we act as a data processor under the terms of a formal data processing agreement.
Our Commitment: |
We do not sell, rent, or trade your personal data to any third party for their own commercial purposes. Your data is used only to deliver, improve, and secure our services, comply with legal obligations, and communicate with you in ways you have authorized. |
2. Scope of This Policy
This Privacy Policy applies to personal data collected, processed, stored, or transmitted by Ognimohub in connection with:
Use of the Ognimohub MFS mobile and web applications.
Use of Ognimohub's IT Solutions, e-Learning, and Digital Marketing platforms.
Visits to ognimohub.com and any associated subdomains or digital properties.
Communications with Ognimohub via email, phone, WhatsApp, support tickets, or any other channel.
Participation in surveys, promotions, events, or research conducted by Ognimohub.
Integration with Ognimohub's APIs by third-party developers or partners.
This Policy does not apply to third-party websites, applications, or services that may be linked from our platforms. We encourage you to review the privacy policies of any third-party services you access through our platforms.
3. Data We Collect and How We Collect It
We collect personal data in several ways: directly from you when you register, transact, or contact us; automatically when you use our platforms; and from third parties such as identity verification services and financial partners. The categories of personal data we collect depend on which Services you use.
3.1 Identity and Account Data
Collected when you register for any Ognimohub service:
Full legal name, date of birth, and gender.
Email address and mobile phone number.
Username, password (stored in encrypted form), and security questions.
Nationality and country of residence.
Government-issued identification documents (National ID, Passport, Driver's Licence) — collected for KYC compliance on MFS accounts.
Selfie or biometric facial verification data — collected for identity verification where required.
Business registration details and authorized signatory information for corporate accounts.
3.2 Financial and Transaction Data
Collected when you use Ognimohub's Mobile Finance Services:
Digital wallet balance and account transaction history.
Payment and transfer records, including sender and recipient details, amounts, timestamps, and reference numbers.
Linked bank account details, mobile money numbers, and payment instrument metadata.
Source of funds declarations and financial risk assessment data.
Credit and affordability data where applicable to specific financial products.
3.3 Device and Technical Data
Collected automatically when you access our platforms:
Device identifiers including IMEI, device ID, and MAC address.
IP address, browser type, and version.
Operating system and application version.
Session duration, pages visited, and clickstream data.
Mobile network information and geolocation data (where location services are enabled).
Push notification tokens and device language settings.
Error and crash reports for platform stability and improvement.
3.4 Behavioural and Usage Data
Collected as you interact with our platforms:
In-app navigation patterns and feature usage frequency.
Search history and content interactions within the Platform.
e-Learning course progress, assessment scores, completion records, and learning preferences.
Digital Marketing engagement data including email open rates, click-through rates, and campaign interactions.
3.5 Communication and Support Data
Collected when you contact us or use our support services:
Content of messages, emails, chat transcripts, and support ticket submissions.
Records of calls, WhatsApp conversations, and other direct communications with our team.
Feedback, complaints, and dispute records.
Survey responses and product feedback submissions.
3.6 Marketing and Preference Data
Collected to personalize your experience and manage communications:
Marketing communication preferences and opt-in or opt-out choices.
Referral and affiliate tracking data.
Product and service interests inferred from your usage of the Platform.
3.7 Data Collected from Third Parties
We may also receive personal data about you from the following sources:
Identity verification and KYC service providers — to verify your identity against government databases and watchlists.
Credit reference agencies and fraud prevention databases — to assess risk and prevent financial crime.
Financial institutions and mobile money operators — to facilitate transactions and reconcile accounts.
Social media platforms — where you connect a social account to Ognimohub or interact with our social media pages.
Third-party referral partners — if you were referred to Ognimohub through a partner programme.
4. Legal Bases for Processing Personal Data
Under the General Data Protection Regulation (GDPR) and equivalent data protection laws, every use of your personal data must have a valid legal basis. The following table sets out the legal bases on which Ognimohub processes your personal data:
Processing Activity | Legal Basis | Explanation |
|---|---|---|
Account registration and identity verification | Contract Performance | Necessary to create and manage your account as part of our service agreement. |
KYC and AML compliance checks | Legal Obligation | Required by financial regulations including AML/CFT legislation. |
Processing MFS transactions | Contract Performance | Necessary to execute the financial transactions you request. |
Fraud detection and security monitoring | Legitimate Interests / Legal Obligation | Protects you, other users, and Ognimohub from financial crime and unauthorized access. |
Sending service communications and alerts | Contract Performance / Legal Obligation | Essential account and transaction notifications required to deliver the service. |
Improving and developing our products | Legitimate Interests | We have a legitimate interest in improving the performance, security, and usability of our services. |
Personalization and recommendations | Legitimate Interests / Consent | Where based on consent, you may withdraw at any time. |
Sending marketing communications | Consent | We only send marketing emails and notifications where you have opted in. You may withdraw consent at any time. |
Compliance with court orders and regulatory directives | Legal Obligation | We are required by law to comply with lawful requests from courts, regulators, and law enforcement. |
Analytics and platform performance measurement | Legitimate Interests | We process aggregated and anonymized usage data to monitor and improve platform performance. |
Responding to support enquiries | Contract Performance / Legitimate Interests | Necessary to provide customer support as part of our service. |
Where we rely on legitimate interests as a legal basis, we have conducted a legitimate interests assessment (LIA) to ensure that our interests are not overridden by your fundamental rights and freedoms. You have the right to object to processing based on legitimate interests at any time.
5. How We Use Your Personal Data
Ognimohub uses personal data only for the purposes for which it was collected or for compatible purposes. We do not use your data in ways that would be unexpected or that go beyond what is necessary for our stated purposes.
5.1 Providing and Operating Our Services
Creating and managing your Account, including verifying your identity through KYC processes.
Processing financial transactions, wallet operations, and related MFS functions.
Delivering IT Solutions, e-Learning content, and Digital Marketing services as contracted.
Sending transactional notifications, account alerts, and service communications.
Responding to customer support enquiries and resolving disputes.
5.2 Compliance and Risk Management
Conducting Anti-Money Laundering (AML), Counter-Financing of Terrorism (CFT), and sanctions screening.
Meeting Know Your Customer (KYC) and Customer Due Diligence (CDD) requirements under applicable financial regulations.
Detecting, investigating, and preventing fraud, unauthorized access, and financial crime.
Complying with court orders, regulatory directives, subpoenas, and lawful requests from competent authorities.
Maintaining records required by financial, tax, and audit regulations.
5.3 Safety and Security
Monitoring for suspicious activity, unauthorized account access, and platform vulnerabilities.
Implementing and improving security measures, including multi-factor authentication and encryption.
Preventing and investigating misuse of the Platform, including violations of our Terms of Service.
5.4 Service Improvement and Analytics
Analysing usage patterns and performance data to improve the functionality and user experience of our platforms.
Conducting internal research and analysis to develop new features, products, and services.
Generating aggregated, anonymized insights about our user base and service performance — such insights do not identify individual users.
5.5 Marketing and Communications
Sending promotional communications, product updates, and special offers — only where you have provided explicit consent or where permitted by applicable law.
Personalizing content, recommendations, and promotional material based on your usage history and preferences.
Administering referral programmes, competitions, surveys, and events.
6. Data Sharing and Disclosure
Ognimohub does not sell, rent, or trade your personal data to third parties for their own commercial purposes. We share your data only in the limited circumstances described below, and only to the extent necessary for each purpose.
6.1 Authorized Service Providers and Data Processors
We engage trusted third-party service providers to assist us in operating the Platform and delivering our Services. These providers act as data processors and are contractually bound to process your data only on our documented instructions, to implement appropriate security measures, and not to use your data for their own purposes. Categories of service providers include:
Identity verification and KYC providers — to verify your identity and screen against sanctions and watchlists.
Payment processors and banking partners — to facilitate financial transactions and wallet operations.
Cloud infrastructure and hosting providers — to host and operate our platforms securely.
Customer support and communications platforms — to manage support tickets, emails, and in-app messaging.
Analytics and product monitoring tools — to track platform performance and user experience.
Cybersecurity and fraud prevention providers — to monitor for threats and protect the Platform.
Marketing and communication platforms — to manage email campaigns and notifications, where consent is obtained.
6.2 Financial Regulatory Authorities
As a regulated financial services provider, Ognimohub is legally required to share certain data with financial regulatory authorities, financial intelligence units (FIUs), central banks, and law enforcement agencies. Such disclosures may include:
Suspicious transaction reports (STRs) filed under AML/CFT obligations.
Customer identification and transaction data requested under lawful orders or regulatory directives.
Audit and compliance records submitted during regulatory inspections.
Where legally permitted, we will notify you if we are required to disclose your data to a regulatory authority or law enforcement body.
6.3 Business Transfers
In the event of a merger, acquisition, corporate restructuring, asset sale, or insolvency proceeding involving Ognimohub, personal data held by Ognimohub may be transferred to the acquiring entity or successor as part of the transaction. We will provide advance notice to affected users and ensure that the receiving entity is bound by privacy commitments consistent with this Policy.
6.4 With Your Consent
We may share your personal data with third parties for purposes not listed above where you have given us your explicit, informed, and freely given consent. You may withdraw such consent at any time by contacting us through the channels listed in Section 18.
6.5 Aggregated and Anonymized Data
We may share aggregated, anonymized, and de-identified data — which cannot reasonably be used to identify you — with business partners, researchers, and the public for industry reporting, research, and service improvement purposes.
7. Cookies and Tracking Technologies
Ognimohub uses cookies and similar tracking technologies on its web and mobile platforms to enhance functionality, improve your experience, and support security and analytics. This section explains what cookies are, which types we use, and how you can manage your preferences.
7.1 What Are Cookies?
Cookies are small text files placed on your device when you visit a website or use an application. They allow the platform to recognize your device, remember your preferences, and track how you interact with the service. Similar technologies include web beacons, pixel tags, local storage objects, and session identifiers.
7.2 Types of Cookies We Use
Cookie Type | Purpose |
|---|---|
Strictly Necessary Cookies | Essential for the Platform to function. These enable login authentication, session management, security features, and fraud prevention. They cannot be disabled without breaking core functionality. |
Functional Cookies | Remember your preferences, language settings, and personalization choices to provide a consistent experience across sessions. |
Analytics and Performance Cookies | Collect anonymous data about how users interact with the Platform, including pages visited, errors encountered, and session duration. Used to improve platform performance. |
Security Cookies | Used to detect malicious activity, prevent unauthorized access, and enforce session security. |
Marketing and Targeting Cookies | Used to deliver relevant promotional content and measure the effectiveness of marketing campaigns — only where you have provided consent. |
7.3 Managing Your Cookie Preferences
You can manage or withdraw your consent to non-essential cookies at any time through:
The cookie preferences settings within the Ognimohub platform or website.
Your device or browser settings to block or delete cookies.
Contacting us at support@ognimohub.com to request adjustment of your cookie preferences.
Please note that disabling strictly necessary cookies will prevent you from accessing certain features of the Platform, including account login and transaction functionality.
8. Data Retention
Ognimohub retains personal data only for as long as necessary to fulfil the purposes for which it was collected, to provide our Services, and to comply with applicable legal, regulatory, audit, and dispute resolution obligations. When data is no longer required, it is securely deleted, destroyed, or irreversibly anonymized.
Data Category | Standard Retention Period | Legal Basis for Retention |
|---|---|---|
Account and identity data (active accounts) | Duration of account relationship | Contract performance |
Account and identity data (closed accounts) | 5–7 years post-closure | Legal / Regulatory obligation (AML/KYC) |
KYC documents and biometric data | 5 years after end of business relationship | Financial regulatory obligation |
Financial transaction records | 5–7 years | AML/CFT, tax, and audit regulations |
Support and communication records | 3 years | Legitimate interests (dispute resolution) |
e-Learning records and certificates | 5 years or until deletion request | Legitimate interests / Contract |
Marketing consent and preference records | Until consent withdrawn + 1 year | Consent / Legal compliance |
Device and technical data | 13 months (rolling) | Legitimate interests (analytics, security) |
Fraud and security investigation records | Duration of investigation + up to 7 years | Legal obligation |
Anonymized analytics data | Indefinitely (not personal data) | Legitimate interests |
Where a legal or regulatory retention obligation requires us to retain data beyond your account closure or deletion request, we will inform you of the specific categories retained, the legal basis, and the expected retention period as part of our deletion confirmation process.
9. International Data Transfers
Ognimohub operates across multiple jurisdictions and engages service providers globally. As a result, your personal data may be transferred to, stored in, or processed in countries outside your country of residence, including countries that may not provide the same level of data protection as your home jurisdiction.
Where personal data is transferred internationally, Ognimohub implements appropriate safeguards in accordance with applicable data protection law to ensure your data receives an equivalent level of protection, including:
Standard Contractual Clauses (SCCs) — approved by the European Commission for transfers from the EEA to third countries.
Adequacy decisions — where the European Commission or relevant authority has determined that the destination country provides adequate data protection.
Binding Corporate Rules (BCRs) — where applicable for intra-group data transfers.
Other lawful transfer mechanisms — as approved from time to time by competent data protection authorities.
You may request information about the specific safeguards applied to international transfers of your personal data by contacting our Data Protection Officer at the details provided in Section 18.
10. Your Data Subject Rights
Depending on your location and the applicable data protection law, you have the following rights in respect of your personal data held by Ognimohub. We are committed to honoring these rights promptly and transparently, and we will respond to verified requests within the timeframes required by applicable law.
Your Right | What It Means |
|---|---|
Right of Access (SAR) | You can request a copy of all personal data we hold about you, along with information about how it is processed. We will respond within 30 days. |
Right to Rectification | If your personal data is inaccurate, incomplete, or out of date, you can request that we correct or update it. |
Right to Erasure (Right to be Forgotten) | You can request deletion of your personal data. This right is subject to our legal retention obligations. See our Data Deletion Policy for full details. |
Right to Restriction of Processing | You can request that we pause processing of your data in certain circumstances — for example, while a dispute about accuracy is resolved. |
Right to Data Portability | You can request that we provide your personal data in a structured, commonly used, machine-readable format (e.g. JSON or CSV) for transfer to another service. |
Right to Object | You can object to processing based on legitimate interests or for direct marketing purposes. We will stop processing unless we can demonstrate compelling legitimate grounds. |
Right to Withdraw Consent | Where we process data based on your consent, you may withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing prior to withdrawal. |
Right Against Automated Decisions | You have the right not to be subject to a decision based solely on automated processing — including profiling — that produces significant legal or similarly significant effects on you. |
Right to Lodge a Complaint | You have the right to lodge a complaint with your national Data Protection Authority (DPA) if you believe we have not handled your data lawfully. |
To exercise any of these rights, please contact us using the channels detailed in Section 18. We may need to verify your identity before processing your request. We will respond within 30 days of receipt of a verified request. In complex cases or where we receive multiple requests, we may extend this period by up to an additional two months, with prior notification.
Exercising your rights is free of charge. However, where requests are manifestly unfounded, excessive, or repetitive, we may charge a reasonable administrative fee or decline to act, in accordance with applicable law.
11. Children's Privacy
Ognimohub's Services are not directed at or intended for use by children under the age of 18 (or the applicable age of majority in the relevant jurisdiction). We do not knowingly collect personal data from minors. Account registration requires users to confirm they meet the minimum age requirement.
If we become aware that we have inadvertently collected personal data from a person under the applicable minimum age without appropriate parental or guardian consent, we will take immediate steps to delete such data from our systems and terminate the associated account.
If you are a parent or guardian and believe that your child has registered for or used an Ognimohub service, please contact us immediately at support@ognimohub.com so that we can investigate and take appropriate action.
12. Security of Your Personal Data
Ognimohub takes the security of your personal data seriously and implements comprehensive technical and organizational security measures to protect your information against unauthorized access, disclosure, alteration, destruction, or loss. Our security framework is aligned with ISO/IEC 27001 standards and includes:
Encryption of personal and financial data both at rest and in transit using AES-256 and TLS 1.2+ protocols.
Multi-factor authentication (MFA) for account access and sensitive operations.
Role-based access controls (RBAC) limiting staff access to personal data on a strict need-to-know basis.
Regular security audits, vulnerability assessments, and penetration testing by independent security specialists.
Intrusion detection and prevention systems monitoring all platform activity in real time.
Secure Software Development Lifecycle (SSDLC) practices for all platform development.
Incident response procedures for detecting, containing, and reporting data breaches within required regulatory timeframes.
Regular staff training on data protection, security awareness, and information handling.
In the event of a personal data breach that is likely to result in a high risk to your rights and freedoms, Ognimohub will notify you without undue delay and within 72 hours of becoming aware of the breach, in accordance with GDPR Article 33 and applicable notification requirements.
Your Role in Security: |
You play an important role in keeping your account secure. Use a strong, unique password, enable multi-factor authentication, never share your credentials, and report any suspicious account activity to us immediately at support@ognimohub.com. |
13. Third-Party Links and Services
Our platforms may contain links to third-party websites, applications, or services that are not operated by Ognimohub. When you click on such links or connect third-party services to your Ognimohub account, you leave our platform and your data becomes subject to the third party's own privacy policy and terms.
Ognimohub does not control, endorse, or assume responsibility for the data practices, content, or security of any third-party services. We strongly encourage you to review the privacy policy of every third-party service you interact with in connection with your use of our Platform.
Our inclusion of a link or integration with a third-party service does not imply endorsement of that service or its data practices.
14. Special Categories of Personal Data
"Special categories" of personal data are types of data that carry higher privacy risks by their nature and therefore require additional protections under the GDPR. These include data revealing racial or ethnic origin, political opinions, religious beliefs, trade union membership, health data, genetic data, biometric data, data concerning sex life or sexual orientation, and criminal conviction data.
Ognimohub processes the following special category data in limited circumstances:
Biometric data — we may collect facial verification and liveness detection data as part of KYC identity verification for MFS accounts. This data is processed solely for identity verification purposes and is handled under explicit consent and applicable data protection law.
Criminal conviction and sanctions data — we screen against sanctions watchlists and PEP (Politically Exposed Persons) databases as required under AML/CFT regulatory obligations. This is processed under legal obligation.
We do not process other special category data unless you provide it voluntarily (for example, in support communications) or where required by law. Where we do process special category data, we apply enhanced security controls and limit access to trained, authorized personnel only.
15. Automated Decision-Making and Profiling
Ognimohub uses automated systems and algorithms to support the efficient and secure delivery of our Services. In some cases, these systems may make or influence decisions about you. This section explains how and when automated decision-making is used.
15.1 Where Automated Processing Is Used
Fraud detection — our systems analyse transaction patterns, device data, and behavioural signals in real time to detect and prevent fraudulent activity. This may result in automated holds on transactions or account restrictions pending review.
AML and sanctions screening — transactions and account activities are automatically screened against regulatory watchlists and risk indicators as required by law.
Risk scoring — automated risk assessments are used to determine transaction limits, service eligibility, and account tier access, in compliance with our regulatory obligations.
Personalization — we use your usage history and preferences to personalize content recommendations and feature suggestions within the Platform.
15.2 Your Rights Regarding Automated Decisions
Where a decision that produces a significant legal or similarly significant effect on you is made solely through automated processing, you have the right to:
Request human review of the automated decision by a qualified Ognimohub representative.
Express your point of view and provide additional context before a final decision is confirmed.
Challenge the decision and request that it be reconsidered by a human reviewer.
To exercise this right, please contact us at support@ognimohub.com, describing the decision in question and the outcome you are seeking. We will acknowledge your request within 48 hours and complete our review within 15 business days.
16. Marketing Communications
Ognimohub will only send you marketing emails, push notifications, or SMS messages where you have given your explicit, informed consent to receive such communications, or where we are permitted to do so under applicable law (for example, soft opt-in rules for existing customers in certain jurisdictions).
16.1 What We May Send
Product updates, new feature announcements, and service improvements.
Promotional offers, discounts, and referral programme information.
Industry news, educational content, and e-Learning updates.
Event invitations and survey requests.
16.2 Your Right to Opt Out
You may withdraw your consent to marketing communications at any time, free of charge, by:
Clicking the unsubscribe link included in any marketing email.
Adjusting your communication preferences in your Account settings.
Contacting us at support@ognimohub.com with the subject line "Marketing Opt-Out".
Opting out of marketing communications will not affect the delivery of essential transactional communications such as account alerts, security notifications, and payment confirmations, which are sent regardless of marketing preferences.
17. Changes to This Privacy Policy
Ognimohub reviews this Privacy Policy regularly and updates it as necessary to reflect changes in our data practices, applicable law, regulatory requirements, or new services. All updates are dated and versioned.
Where we make material changes to this Policy — such as changes to the types of data we collect, the purposes for which we use it, or the rights available to you — we will notify you in advance through:
In-app notifications on your registered devices.
An email to your registered email address.
A prominent notice on ognimohub.com.
Material changes will take effect 14 days after notification, unless a shorter period is required by law. Your continued use of Ognimohub Services after the effective date of any change constitutes your acknowledgement of the updated Policy. Where required by law, we will seek your affirmative consent before processing your data under revised terms.
The current, authoritative version of this Privacy Policy is always available at ognimohub.com.
18. Contact Us and the Data Protection Officer
Ognimohub has designated a Data Protection Officer (DPO) responsible for overseeing our compliance with data protection legislation and acting as the primary point of contact for all privacy-related enquiries, complaints, and data subject rights requests.
If you have any questions about this Privacy Policy, how we handle your personal data, or wish to exercise any of your data subject rights, please contact us through any of the following channels:
Data Protection Officer — Ognimohub MFS |
Website: ognimohub.com |
Contact Form: ognimohub.com/contact |
Support Ticket: ognimohub.com/ticket |
WhatsApp: wa.me/ognimohub |
Email: support@ognimohub.com |
We will acknowledge all privacy-related enquiries within 48 business hours and aim to resolve them fully within 30 calendar days. For complex requests, we may extend this by up to two additional months with prior written notice.
If you are not satisfied with our response, or believe we have not handled your data lawfully, you have the right to lodge a complaint with your national or regional Data Protection Authority (DPA). In the European Union, this is the DPA of your country of habitual residence, place of work, or the location of the alleged infringement.
Ognimohub MFS | Privacy Policy | Version 2.6 | Effective May 12, 2026