- Introduction
Your privacy is important to us. This privacy statement
explains the personal data Safaricom Telecommunications
Ethiopia PLC (“Safaricom Ethiopia”) collects, processes
it, and for what purposes.
This statement should be read together with the Terms and
Conditions of Use for other Safaricom Ethiopia products
and services. Where there is a conflict, this statement
will prevail.
This statement applies to all customers, suppliers,
agents, merchants, dealers and all visitors frequenting
any of Safaricom Ethiopia premises.
- Definitions
References to
- "You" means
-
customer- the person who subscribes to, uses or
purchases any of our products and services or
accesses our websites and includes any person who
accesses any of the products and services you have
subscribed to.
-
Any agent, dealer and/or merchants who has signed an
agreement with us and is recognised as a merchant or
agent in accordance with any applicable laws or
Regulations.
-
Any visitor that is a person (including
contractors/subcontractors or any third parties) who
gains access to any Safaricom Ethiopia premises.
-
Any supplier who has been contracted by Safaricom
Ethiopia and executed a Supplier contract.
- "Safaricom Ethiopia", "we" or "us", "our" and
"ours"
means Safaricom Telecommunications Ethiopia PLC
The
word "includes" means that what follows is not
necessarily exhaustive and therefore the examples given
are not the only things/situations included in the
meaning or explanation of that text.
- Statement Details
- Collection of Information
-
We collect your personal information with your
knowledge and consent when you do any of the
following (please note that this list is not
exhaustive):
-
register for a specific product or service,
including but not limited to SIM-card
registration, Post Pay subscriptions, e-
commerce platforms, M-PESA and M-PESA-powered
services;
-
buy, subscribe to or use a Safaricom Ethiopia
product or service online, on the cloud, on a
mobile or other device, in a Safaricom Ethiopia
Shop or other retail outlet;
-
subscribe to Safaricom Ethiopia or third-party
premium rates services, Short Message Service
(SMS), email or social media platforms;
-
ask Safaricom Ethiopia for more information
about a product or service or contact Safaricom
Ethiopia with a query or complaint;
-
respond to or participate in a survey, marketing
promotion, prize competition or special offer;
-
visit, access or use Safaricom Ethiopia or
third-party websites;
-
We may also collect your information from other
organisations including credit-reference
bureaus, fraud prevention agencies and business
directories;
-
when you interact with us as a supplier, agent,
merchant or dealer as prescribed in this
statement;
- when you visit any of our premises.
-
We do not onboard minors (any person under 18 years
of age) except where you additionally register on
their behalf as their parent and/ or legal guardian.
If you allow a child to use our services, you should
be aware that their personal information could be
collected as described in this statement.
- What Information is collected?
The
information we collect and store about you includes but
is not limited to the following:
-
Your identity and SIM-card registration information,
including your name, photograph, fingerprints,
address, location, phone number, identity document
type and number, date of birth, email address, age,
gender and mobile number portability records.
-
Your credit or debit-card information, information
about your bank account numbers and SWIFT codes or
other banking information. We use the data you
provide for billing purposes.
-
Your transaction information when you use our MPESA
service.
-
Your preferences for particular products and
services, based on information provided by you or
from your use of Safaricom Ethiopia’s (or third
party) network, products and services.
-
Name, family details, age, profiling information
such as level of education, bank account status,
income brackets, etc. collected as part of surveys
conducted by Safaricom Ethiopia and their agents on
behalf of Safaricom Ethiopia.
-
Your contact with us, such as when you: call us or
interact with us through social media, our chatbot,
‘snail mail’, email (we may record your
conversations, social media or other interactions
with us), register your biometric information such
as your voice, finger prints etc, visit a Safaricom
Ethiopia Shop or other retail outlet.
-
Your account information, such as your handset
type/model, tariff, top-ups; subscriptions
(including third party subscriptions), billing
statements, cloud hosting registration details,
e-commerce registration and usage, M-PESA and mobile
money transactions.
-
Your call data records: phone numbers that you call
or send messages to (or receive calls and messages
from), log of calls, messages or data sessions on
the Safaricom Ethiopia network and your approximate
location (save for customer service interactions as
noted above we do not record or store message or
call contents).
-
We use Closed Circuit Television (CCTV) surveillance
recordings. CCTV Devices are installed at strategic
locations to provide a safe and secure environment
in all Safaricom Ethiopia premises as a part of our
commitment to community safety, security and crime
prevention.
-
When you request us to reserve parking for you, we
will collect and retain your personal data (name,
telephone number, and vehicle registration details)
when you request Safaricom Ethiopia to reserve
parking space for you and where you use any of our
parking facilities as a contractor. We use the data
you provide to ensure effective visitor, contractor
and car park management, Health and Safety
compliance (orderly entry and exiting to and from
the car parks and buildings) and inventory
management.
-
We maintain a register of visitors in which we
collect and keep your personal data such as names,
company/institution details, telephone number,
vehicle registration details, and Document ID
number. This information is collected for health,
safety and security purposes.
-
When you use Safaricom Ethiopia WIFI for guest and
visitors, we collect email IDs and will provide
username and password. We record the device address
and also log traffic information in the form of
sites visited, duration and date sent/received.
-
We may use your medical information to manage our
services and products to you e.g. when you use our
services designed for persons with disabilities.
-
Where you use our voice recognition platform (IVR)
we may collect and process your voice biometrics.
-
We collect your personal information when you visit
us for purposes of accident and incident reporting.
Safaricom Ethiopia will collect personal data from
the injured party or person suffering from ill
health, such as, Name, Address, Age, next of kin,
details of the incident to include any relevant
medical history. The data is collected as Safaricom
Ethiopia has a legal duty to document workplace
incidents/accidents and to report certain types of
accidents, injuries and dangerous occurrences
arising out of its work activity to the relevant
enforcing authority.
-
Incidents and accidents will be investigated to
establish what lessons can be learned to prevent
such incidents/accidents reoccurring including
introduction of additional safeguards, procedures,
information instruction and training, or any
combination of these. Monitoring is undertaken but
on an anonymized basis. The information is also
retained in the event of any claims for damages.
- Use of Information
We may use and analyze
your information for the following purposes:
-
processing products and services that you have
bought from Safaricom Ethiopia or from third parties
on our ecommerce platforms;
-
billing you for using our or third-party products or
services or taking the appropriate amount of credit
from you;
-
responding to any of your queries or concerns;
-
verifying your identity information through publicly
available and/or restricted government databases in
order to comply with applicable regulatory
requirements;
-
carrying out credit checks and credit scoring where
applicable;
-
keeping you informed generally about new products
and services and contacting you with offers or
promotions based on how you use our or third-party
products and services unless you opt out of
receiving such marketing messages (you may contact
Safaricom Ethiopia at any time to opt out of
receiving marketing messages);
-
to comply with any legal, governmental or regulatory
requirement or for use by our lawyers in connection
with any legal proceedings;
-
in business practices including for quality control,
training and ensuring effective systems operations;
-
to protect our network including to manage the
volume of calls, texts and other use of our network;
-
to understand how you use our network, products and
services for purposes of developing or improving
products and services;
-
preventing and detecting fraud or other crimes and
for debt recovery;
-
for research, statistical, survey and other
scientific or business purposes;
-
provide aggregated data (which do not contain any
information which may identify you as an individual)
to third parties for research and scientific
purpose; and
-
administer any of our online platforms/websites.
- Categories of Data
Categories of Personal
Data as defined in the General Data Protection
Regulation (GDPR) may be processed depending on the
particular types of products and services you have
subscribed to.
- Lawful Basis for processing your information
We will process your
personal information based
on any of the lawful basis provided for under the
Categories of Personal Data:
- Product/Service Agreement with you;
-
Safaricom Ethiopia’s legitimate business interests;
- compliance with a mandatory legal obligation;
- consent you provide;
- public interest; and
- your vital interest.
- Retention of Information
We will only retain your personal data for as long as
reasonably necessary to fulfil the purposes we
collected it for, including for the purposes of
satisfying any legal, regulatory, tax, accounting or
reporting requirements. We may retain your personal
data for a longer period in the event of a complaint
or if we reasonably believe there is a prospect of
litigation in respect to our relationship with you.
To determine the appropriate retention period for
personal data, we consider the amount, nature and
sensitivity of the personal data, the potential risk
of harm from unauthorised use or disclosure of your
personal data, the purposes for which we process your
personal data and whether we can achieve those
purposes through other means, the need to comply with
our internal policy and the applicable legal,
regulatory, tax, accounting or other requirements.
Anonymised information that can no longer be
associated with you may be held indefinitely
- Disclosure of Information
-
Any disclosure of your information shall be in
accordance with applicable law and regulations.
Safaricom Ethiopia shall assess and review each
application for information and may decline to grant
such information to the requesting party.
-
We may disclose your information to:
-
law-enforcement agencies, regulatory authorities,
courts or other statutory authorities in response to
a demand issued with the appropriate lawful mandate
and where the form and scope of the demand is
compliant with the law;
-
our subsidiaries, associates, partners, software
developers or agents who are involved in delivering
Safaricom Ethiopia products and services you order
or use;
-
fraud prevention and Anti money laundering agencies,
credit-reference agencies;
-
publicly available and/or restricted government
databases to verify your identity information in
order to comply with regulatory requirements;
-
survey agencies that conduct surveys on behalf of
Safaricom Ethiopia;
-
emergency service providers when you make an
emergency call (or where such disclosure to
emergency service providers is necessary for your
rescue, health and safety) including your
approximate location; and
-
any other person that we deem legitimately necessary
to share the data with.
-
In the event financial services are availed, some of
your information may be passed on to any person whom you
receive mobile money from or send or intend to send
mobile money to. Your information may be available to
any third party involved in the operation of the mobile
money service including Merchants, mobile money
interoperability partners, ATM Switch providers and
vendors of the mobile money transfer technology
platform.
-
We shall not release any information to any individual
or entity that is acting beyond its legal mandate.
-
We will get your express consent before we share your
personal data with any third party for direct marketing
purposes.
- Direct Marketing
-
You may be required to opt in or give any other form
of explicit consent before receiving marketing
messages from us.
-
You can ask us to stop sending you marketing
messages at any time by following the optout links
on any marketing message sent to you or by attending
to us or contacting us at any time through the
provided contacts.
-
Where you opt out of receiving these marketing
messages, this will not apply to personal data
provided to us as a result of a product, service
already taken up, warranty registration, product or
service experience or other transactions.
- The Use of Cookies
-
We may store some information (using "cookies") on your
computer when you visit our websites. This enables us to
recognise you during subsequent visits. The type of
information gathered is non-personal (such as: the
Internet Protocol (IP) address of your computer, the
date and time of your visit, which pages you browsed and
whether the pages have been delivered successfully.
-
We may also use this data in aggregate form to develop
customised services - tailored to your individual
interests and needs. Should you choose to do so, it is
possible (depending on the browser you are using), to be
prompted before accepting any cookies, or to prevent
your browser from accepting any cookies at all. This
will however cause certain features of the web site not
to be accessible.
- The Use of Hyperlinks
-
Our websites may provide hyperlinks to other locations
or websites on the Internet. These hyperlinks lead to
websites published or operated by third parties who are
not affiliated with or in any way related to us and have
been included in our website to enhance your user
experience and are presented for information purposes
only.
-
We do not endorse, recommend, approve or guarantee any
third-party products and services by providing
hyperlinks to an external website or webpage and do not
have any co-operation with such third parties unless
otherwise disclosed. We are not in any way responsible
for the content of any externally linked website or
webpage.
-
By clicking on a hyperlink, you will leave the Safaricom
webpage and accordingly you shall be subject to the
terms of use, privacy and cookie policies of the other
website that you choose to visit.
- Access to and Updating your Information
To update your information, visit any Safaricom Ethiopia
customer care outlet or call the Call Centre and submit
your request. You can change how we get in touch with you
and your account details whenever you like.
- Safeguarding and Protection of Information
Safaricom Ethiopia has put in place technical and
operational measures to ensure integrity, confidentiality
and availability of your data via controls around:
information classification, access control, cryptography,
physical and environmental security and monitoring and
compliance.
- International Data Transfers
Safaricom Ethiopia shall ensure that your personal
information resides and is processed within the Federal
Democratic Republic of Ethiopia.
- Your Rights
Subject to legal and contractual exceptions, you have
rights under data protection laws in relation to your
personal data. These are listed below: -
-
right to be informed that we are collecting personal
data about you;
-
right to access personal data that we hold about you and
request for information about how we process it;
-
right to request that we correct your personal data
where it is inaccurate or incomplete, when supported by
appropriate documentary evidence;
-
right to request that we erase your personal data noting
that we may continue to retain your information if
obligated by the law or entitled to do so;
-
right to object and withdraw your consent to processing
of your personal data. We may continue to process if we
have a legitimate or legal reason to do so;
-
right to request restricted processing of your personal
data noting that we may be entitled or legally obligated
to continue processing your data and refuse your
request;
-
right to request transfer of your personal data in an
available format (including in an electronic format).
If you wish to exercise any of the rights set out
above, please contact us by calling the customer care
numbers or visiting the nearest Safaricom Ethiopia
customer care outlet. We may need to request specific
information from you to help us confirm your identity
and ensure your right to access your personal data (or
to exercise any of your other rights). This is a
security measure to ensure that personal data is not
disclosed to any person who has no right to receive
it. We may also contact you to ask you for further
information in relation to your request to speed up
our response. We try to respond to all legitimate
requests within reasonable time. Occasionally it could
take us longer if your request is particularly complex
or you have made a number of requests. In this case,
we will notify you and keep you updated.
- How to Contact Us
If you would like to contact us on any topics in this
privacy policy, you can email us on care@safaricom.et or
submit a request via our digital platforms.
As a Data Controller and Processor, below are the contact
details of our Data Protection Officer:
Data Protection Officer,
Safaricom Telecommunications Ethiopia PLC,
Kirkos Sub-City, Woreda 01,
Safaricom Head Quarters,
Addis Ababa, Ethiopia
- Right to Lodge Complaint
You have the right to lodge a complaint with the relevant
supervisory authority that is tasked with personal data
protection within Ethiopia.
- Non-Compliance with this Statement
Safaricom Ethiopia shall have the right to terminate any
agreement with you for failure to comply with the
provisions of this statement and reject any application
for information contrary to this statement.
- Amendments to this Statement
Safaricom Ethiopia reserves the right to amend or modify
this statement at any time. If Safaricom Ethiopia amends
this statement, you can access the most current version of
the privacy statement by visiting Safaricom Ethiopia
retail stores or website so that you will always know how
your personal information is being used or shared. Any
amendment or modification to this statement will take
effect from the date of notification on the Safaricom
Ethiopia website.
Statement Effective Date
1st July 2022