loader

Data Protection Policy

Effective Date: October 5, 2023

Introduction

The purpose of this policy is to articulate the data protection procedures that Cowries Money Financial Services Ltd (hereafter referred to as "Cowries Money") will rigorously adhere to in order to achieve full compliance with relevant international laws and regulations, including the General Data Protection Regulation (GDPR). At Cowries Money, we are unwavering in our commitment to safeguarding the privacy and security of our customers' personal information.

Data Collection and Use

Cowries Money recognises the essential need to collect personal information from our customers to facilitate the delivery of our services. This personal information may encompass data such as names, addresses, dates of birth, government-issued identification documents, and other pertinent details. Cowries Money will solely collect and employ personal information for the specific purposes for which it was gathered. We will never disclose this information to third parties without the explicit consent of the customer, except when mandated by applicable law.

Security Guidelines

In line with our commitment to data protection, Cowries Money adheres to a set of comprehensive security guidelines across multiple programming languages and technologies, including Dart, YAML, Java, Kotlin, .plist, Swift, JavaScript (JS), CSS, Sass, PHP, HTML, and Flutter. These guidelines encompass:

Input Validation and Sanitisation:

  • Implementation of thorough input validation and sanitisation procedures to prevent SQL injection, cross-site scripting (XSS), and other injection attacks.

Authentication and Authorisation:

  • Employment of strong authentication methods, including multi-factor authentication (MFA) where appropriate.
  • Implementation of role-based access control (RBAC) to ensure the principle of least privilege.

Secure Data Storage:

  • Encryption of sensitive data at rest and during transmission.
  • Usage of industry-standard encryption algorithms and hashing methods for password and sensitive information storage.

Session Management:

  • Implementation of secure session management mechanisms to thwart session fixation and session hijacking.
  • Deployment of secure tokens or session cookies with HttpOnly and Secure flags enabled.

Cross-Site Request Forgery (CSRF) Protection:

  • Implementation of anti-CSRF tokens to guarantee the legitimacy of all requests.

Cross-Origin Resource Sharing (CORS):

  • Configuration of CORS headers to restrict resource access to authorised domains.

Security Headers:

  • Utilisation of security headers such as Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and X-Content-Type-Options.

Secure File Uploads:

  • Strict control of file uploads to prevent malicious file uploads.
  • Validation of file types, size restrictions, and secure storage of uploaded files.

These security guidelines, spanning various programming languages and technologies, collectively ensure the robust protection of our customers' personal information.

Data Security

To ensure the utmost protection of our customers' personal information, Cowries Money will implement robust technical and organisational measures. These measures may encompass encryption, firewalls, stringent access controls, and other appropriate security protocols. Our commitment to data security is unwavering, and we are dedicated to preventing unauthorised access, usage, or disclosure of personal information.

Data Retention

Cowries Money will retain personal information only for the duration required to fulfill the purposes for which it was originally collected, or as dictated by prevailing legal requirements. Once personal information is no longer necessary, Cowries Money will securely dispose of it or render it anonymous to ensure it cannot be traced back to an individual.

Data Subject Rights

Cowries Money fully acknowledges and respects the data subject rights of our customers, as outlined in the original policy.

Last Updated: June 16, 2024.

These integrated security guidelines enhance our commitment to safeguarding personal information while maintaining compliance with data protection regulations. Cowries Money will continually review and update its policies and procedures to ensure that we are meeting our legal and ethical obligations. By implementing these measures, we are confident that we can protect our customers' personal information and maintain their trust in our services. For more comprehensive information, please refer to our Privacy Policy.

We may use cookies or any other tracking technologies when you visit our website, including any other media form, mobile website, or mobile application related or connected to help customize the Site and improve your experience.

© Cowries Money Co Limited and Umojami Inc Technology Architecture.

Cowries Money is registered and regulated by the Ministry of Small and Medium Size Enterprises,
and accredited by the Management Centre (CGA or AMC) for tax with registration code M122217863993L
and Registered Address: ST PAUL ROAD, MILE 3 NKWEN, BAMENDA, NORTH WEST REGION, CAMEROON.

Cowries Money is registered as a Money Services Businesses (MSBs) pursuant to the Bank Secrecy Act
(BSA) regulations at 31 CFR 1022.380(a)-(f), administered by the Financial Crimes Enforcement Network (FinCEN)
with registration number 31000221506444.

Cowries Money Co Ltd is also a registered company in the UK as Cowries Money Limited with the business registration number 14184028
and Registered Address: HEREFORD WALK, ROMILEY, STOCKPORT, UNITED KINGDOM SK6 3HN.

Copyright © 2024 Cowries Money All Right Reserved.