Collection & Processing of Personal Data

Diool guarantees the protection of your personal data, as well as the respect of your choices concerning these data.

The purpose of this policy is to define the terms and conditions for the collection, processing and storage of personal data by Diool, its subsidiaries, subcontractors and any partners.

This policy applies to customers and users of Diool's offers, services, applications and visi

Purpose of processing your data

Personal Data is collected and processed for specified, explicit and legitimate purposes. It is not further processed in a way that is incompatible with these purposes. Below are the purposes for which we collect your data:

• •Enable customer registration and authentication
• •Invoice and collect payments
• •Manage customer transactions
• •Dealing with terminations
• •Dealing with complaints
• •Communicating with customers
• •Manage incoming mail
• •Amicable collection of unpaid bills
• •Managing litigation
• •Manage customer rights requests
• •Storing customer or user data
• •Offer authentication services
• •Responding to requests for information
• •Diool also processes data for purposes other than the strict execution of contracts with customers, which are as follows
• •Organise marketing operations
• •Organising events
• •Organise competitions
• •Collecting personal data subject to consent
• •Analyse the use of offers and services to make proposals to the client
• •Survey customers or users
• •Improve customer relations and the content of our services
• •Ensure the security of our platform and services
• •Organise marketing operations
• •Deploy and operate offers and services
• •Overseeing the billing system
• •Fighting fraud and keeping you safe
• •Diool also collects your data to meet legal or regulatory obligations. In order to: Combating money laundering and terrorist financing, compliance with international sanctions and embargoes;
• •Combating tax fraud, including determining your tax status;
• •To meet our banking and financial obligations, involving the assessment of your creditworthiness, and more broadly to ensure internal control and operational risk management;
• •Responding to requests from authorities and court decisions
• •Responding to the authorities' right of access
• •Diool may also process your data for statistical purposes and may market the statistics obtained. In this case, all data is first made anonymous.

How Diool collects your personal data

Your personal data may be collected directly from you or as a result of using the Diool services.

Diool only collects and processes personal data that are strictly necessary for its activity.

Diool carries out the following processing operations: direct and indirect collection,consultation, use, storage and all other operations necessary for the provision of its services.

Type of data collected by Diool

Diool processes the following categories of data:

• •Identification data: Surname, first name, ID number, facial image, ... ;
• •Personal characteristics: date of birth, nationality... ;
• •Contact data: postal address, email, telephone number... ;
• •Personal life: interests, marital status... ;
• •Data related to your professional situation (turnover, etc.)
• •Economic and financial data: means of payment, payment history... ;
• •Connection, service use and interaction data: technical hardware characteristics, terminal identifiers (MAC address, serial number, etc.), traffic data generated by the use of communication networks, IP address, crash report, connection logs, etc.
• •Commercial data: Products and services held or used;
• •transactional data: (data relating to transactions, including transfers, including in particular data relating to beneficiaries including their full names, addresses and contact details, expenditure and income categorisation data, ...) ;
• •Customer relationship monitoring data: support requests, correspondence with the subscriber, survey results, profiles and scores for customer segmentation, etc;
• •Content data: Files stored on the cloud, mailboxes, etc. ;
• •Identification and geolocation system data (e.g. locations of withdrawals or payments for security purposes or to determine the location of the branch or service provider closest to you);
• •Geolocation data ;
• •Biometric data such as fingerprints, voiceprints or facial recognition data that can be used for identification and security purposes;
• •Cookies and other tracers ;
• •Any other element justified by the laws and regulations in force.
• •It is therefore important that the information you provide is accurate and up-to-date. It is also important that you inform us without delay of any significant changes concerning you.

Recipients of your personal data

The data collected is intended for Diool and its subcontractors.

Data may also be processed by partners of Diool in situations where partners are involved in the provision of services. This may also involve processing to which you are offered consent.

Finally, the processed data may be transmitted to the competent authorities, at their request, in the context of legal proceedings, in the context of legal investigations and requests for information from the authorities or in order to comply with other legal obligations.

Retention period for personal data

To ensure fair processing, your personal data will not be kept by Diool longer than is necessary for the purposes for which it was originally collected or for which it is to be processed.

The length of time that Diool retains your personal data takes into account the minimum and maximum legal, regulatory and contractual requirements that influence data retention periods.

Where your personal data is processed

Your personal data is processed in Cameroon. However, your personal data may be transferred to, or accessed by, third parties around the world. If this is the case, Diool will comply with applicable laws and regulations on the protection of personal data. This is to ensure an adequate level of protection for your data, anywhere in the world.

Security of your personal data

Diool has implemented appropriate measures (physical, technical and organisational) to ensure the integrity and confidentiality of your personal data.

These measures shall be adapted according to the level of sensitivity of the data processed and the level of risk presented by the processing or its implementation.

Your rights in relation to the collection of your personal data

Any person whose personal data is processed has the following rights:

• •Right of access (e.g. to check the data we hold and to obtain a copy on the basis of a court order);
• •Right to rectification (e.g. to update or correct data if incomplete or incorrect);
• •Right to object at any time to the collection and processing of any data for commercial prospecting purposes. This right offers every customer the possibility to modify their notification preferences at any time;
• •Right to erasure (example: Any customer can request the permanent deletion of their customer account).

Requests to exercise these rights may be made by the data subject. Requests should be submitted in writing to Diool at the following address:

support.donneespersonnelles@diool.com

They can also be sent by post to the following address

1. Diool Cameroon
2. Personal Data Complaints
3. Indigo Building, Bonapriso,
4. BP 482 Douala, Cameroon

Any request to exercise your rights must be accompanied by a photocopy of a proof of identity.

Changes to the data protection policy

This Privacy Policy may change from time to time, particularly as a result of legislative and regulatory developments and to reflect changes in our practices and technologies. We invite you to consult it regularly.