Effective Date: September 2025
This Privacy Policy outlines how we collect, use, and disclose your personal information when you engage with our services. It also explains your privacy rights and the legal protections available to you. If you do not agree with our policies and practices, you have the option to discontinue using our services.
For detailed information about Bright Cash - Secure Loan, please refer to the "Privacy Policy" section on our official website. This policy may be updated periodically. If a specific product has a separate privacy policy or user agreement with unique provisions, that document will take precedence. In all other cases, this Privacy Policy will apply.
We process your personal data to enhance and deliver our services effectively. By accessing or using our platform, you acknowledge and consent to the collection and handling of your information as described in this Privacy Policy.
At Bright Cash - Secure Loan, we value your privacy and are committed to safeguarding your personal data. When you engage with our products and services, we may collect and process certain information about you. This Bright Cash - Secure Loan Financial Privacy Policy (referred to as “this policy”) explains the types of personal data we collect, the purposes for which we use it, and the measures we take to ensure its security. It also outlines your rights regarding access, updates, and deletion of your information, as well as our obligations when sharing, transferring, or publicly disclosing your personal data.
This policy is directly linked to the Bright Cash - Secure Loan financial services you use, along with the various functions associated with them (collectively referred to as “our products and services”). We encourage you to carefully review this policy before using our platform to ensure you fully understand its contents—especially the highlighted sections—and make informed decisions about your data. For clarity, we have provided concise explanations of key terms used throughout this document.
Please note that this policy applies exclusively to the products and services specified herein.
How We Collect Your Personal Information
How We Use Your Personal Information
Use of Cookies and Similar Technologies
Retention, Sharing, Transfer, and Disclosure of Personal Information
Measures to Protect Your Personal Information
Your Rights and Choices
Handling of Minors’ Personal Information
Security and Privacy Assurance
Policy Updates and Modifications
How to Contact Us
Definitions of Key Terms in This Policy
We collect and utilize the personal information you provide, either actively or as a result of your interactions with our products and/or services, in line with the principles of legality, fairness, and necessity as outlined in this policy. Should we wish to use your personal information for purposes other than those stated here, or repurpose information collected for one specific objective, we will inform you in advance and seek your consent once more before proceeding.
1.1 Personal Information
When using our services, we may ask you to provide specific information that can identify or contact you. Personal data we may collect includes, but is not limited to: • Phone number
• Email address
• Full name
• Gender
• Date of birth
• ID card number
• Education details
• Marital status
• Employment details
• Address information
1.2 Usage Data
We gather your personal data through two main channels:
Data You Provide Directly: We collect and store the information you provide while using Bright Cash - Secure Loan financial services. This includes details you input into online forms, data from product and service applications, feedback submissions, dispute resolutions, or inquiries made to us regarding our services. Data related to your transactions and activities during service usage is also captured automatically.
Data We Collect Proactively: When using Bright Cash - Secure Loan’s website, app, and associated services, we may collect data transmitted by your computer, smartphone, or other devices used to access our services.
1.3 Data from Third-Party Social Media Services
If you choose to link a third-party social media service, we may, with your consent, retrieve personal information already associated with your account on that service, such as your name, email address, and activity. You may also be able to share additional information with us via your social media account. By providing this data during registration or other interactions, you permit us to use, share, and store it in accordance with this Privacy Policy.
1.4 Mobile Data When Using the Application
To enhance our financial services and support our anti-fraud systems, we may collect and sync certain data from your device with your prior consent, including:
• Location
Purpose of Use: We access approximate location data to safeguard user accounts and prevent offshore fraud, illegal access, and other violations. This ensures the privacy of users by not tracking or storing precise location data.
How It’s Used: If you attempt to log in or access services from an unusual location, we use location data to identify and flag this behavior, helping to prevent unauthorized access.
• Calendar Access
Purpose of Use: We collect details from your mobile calendar, such as event title, description, start and end times, to send reminders that help you avoid missing payment deadlines.
How It’s Used: This data helps us ensure timely reminders to protect your credit rating.
Data Security: All information is encrypted and transmitted securely over HTTPS (https://www.agrocapital.cash), with no data shared without your consent.
• SMS Permissions
Purpose of Use: To support you in managing your personal finances, we may access specific SMS messages stored on your device. Only those related to updates about your bank account balance will be considered. This allows us to generate a clear overview of your current financial situation.
How It’s Used: The SMS information is processed exclusively for financial management purposes. All content is encrypted during handling and will never be disclosed or shared with third parties.
Data Security: Your SMS messages will be encrypted and transmitted securely via HTTPS (https://www.agrocapital.cash), with no sharing of data without your permission.
• Device Information
Purpose of Use: We collect basic device information, such as system version, device model, and unique identifiers (e.g., Android Advertising ID), to verify the authenticity of the device and help prevent fraudulent activity.
How It’s Used: This information is analyzed to maintain the security and integrity of our services and to protect against unauthorized use.
Data Security: All data is encrypted during transmission via HTTPS (https://www.agrocapital.cash) and will never be shared with third parties without your permission.
The permissions we request align with the functions provided by our services. Should our services evolve, the required permissions will be adjusted accordingly. You will be informed about the need for these permissions and their purposes when they are first requested. Enabling permissions means you authorize us to collect and use the relevant data to provide the services as described. If you disable these permissions, your data will no longer be collected for the related purposes, though previous data will remain unaffected by this change.
2.1. In compliance with local laws, regulations, and mandatory requirements, as well as to deliver and enhance the quality of our services, or to ensure the protection of your account and funds, we may use your information in the following instances:
a. To fulfill the objectives outlined in the “What Information We Collect About You” section of this policy.
b. To ensure the stability and security of our services, we may use your information for identity verification, security measures, fraud detection, preventing or blocking unlawful activities, managing risks, and for archival and backup purposes.
c. To notify you of any updates related to your use of our services, we may send you service reminders.
d. To comply with legal and regulatory obligations, we may report to the relevant authorities.
e. We may invite you to participate in surveys related to our services.
f. To improve, enhance, and optimize Bright Cash - Secure Loan’s online financial services.
g. To process your requests or feedback regarding Bright Cash - Secure Loan’s products and/or services.
h. After anonymizing the data through technical methods, we may use the anonymized data, as it can no longer identify individuals. In this case, we reserve the right to analyze and commercially utilize the anonymized data without revealing your personal information.
i. We may conduct statistical analyses on the use of our products and/or services and share these statistics with the public or third parties to demonstrate overall usage trends. However, these statistics will not contain any personally identifiable information.
2.2. When presenting your personal information, we will employ content replacement and anonymization techniques to safeguard your data’s security.
2.3. If we intend to use your personal information for purposes that are not covered by this policy or repurpose information collected for a specific reason, we will seek your prior consent. Please note that as our products and/or services evolve and change, if you choose to use additional products and/or services that are not mentioned in this policy, we will provide a clear explanation of the purpose, method, and scope of data collection and obtain your explicit consent before gathering your personal information. If you choose not to provide this information, you may not be able to access certain services, but it will not affect your ability to use other services.
To enhance your browsing experience, we may store small data files known as cookies on your computer or mobile device. A cookie is a plain text file stored by a web server, which can only be accessed or read by the server that created it. Each cookie is unique to your web browser or mobile application and typically contains an identifier, site name, and some numbers or characters. Cookies can help websites remember a user's single visit (using session cookies) or multiple visits (using persistent cookies). They help websites save settings such as your language preferences, font size, and other browsing preferences, so you don’t need to reconfigure them on every visit. Without cookies, websites treat each visit as a new session, meaning you may be logged out after navigating to a new page or need to re-enter your login credentials.
We use cookies and other technologies for the following purposes to provide you with a more convenient and personalized service:
(1) Remembering Your Account: For example, when you access services that require you to log in, we may store your login name in a cookie file encrypted on your device. Since the data is stored in irreversible encryption, it cannot be read by others even if they use your device. This process helps you avoid having to enter your login details every time you use our services.
(2) Analyzing Your Use of Our Services: We may use cookies and web beacons to track your usage patterns and preferences, such as which pages you visit or services you use, to better understand your needs.
(3) Advertising Optimization: Cookies allow us to display products or advertisements that may interest you based on your browsing habits. These statistics are anonymous and are used to assess the effectiveness of advertisements.
(4) Web Beacons: We may also use web beacons to collect anonymous access data. These technologies, like cookies, help us track engagement without revealing any personal information.
We will not use cookies for any purposes beyond those outlined in this policy. You can manage or delete cookies according to your preferences via your browser or operating system settings at any time. Most web browsers automatically accept cookies, but you can modify your browser settings to refuse or delete them. However, refusing cookies may mean you need to manually adjust settings on each visit and could affect the security and convenience of the services you use, though it will not prevent you from using other services we offer.
3.2 Use of Web Beacons, Pixel Tags, and Similar Technologies
In addition to cookies, we may use web beacons, pixel tags, and other similar technologies on our website. For example, emails we send may contain clickable URLs linking to our website. If you click these links, we may track the click to better understand your preferences and improve customer service. Web beacons are typically small, transparent images embedded in a webpage or email. By using pixel tags in emails, we can track whether an email has been opened. If you do not wish to be tracked in this way, you can choose to unsubscribe at any time.
4.1 Retention of Your Personal Data
We will retain your personal data only for the period necessary to fulfill the purposes outlined in this privacy policy. Your data will be retained as needed to comply with legal obligations (e.g., if we are required to retain data for legal purposes), resolve disputes, and enforce our legal agreements and policies.
Additionally, we will retain usage data for internal analysis purposes. Typically, usage data is kept for a shorter period unless required for security enhancement or service functionality improvement, or if we are legally obligated to retain it for a longer period. Generally, we will retain your data for up to 1 year after you stop using our services, after which it will either be deleted or anonymized.
4.2 Sharing Your Personal Information
We may share your personal information in the following situations:
With Service Providers: We may share your information with third-party service providers to monitor and analyze the use of our services and contact you.
With Affiliates: We may share your information with our affiliates, with the understanding that they will adhere to this privacy policy. Affiliates include our parent company and any other subsidiaries, joint venture partners, or companies we control or jointly control.
With Business Partners: We may share your information with business partners to provide you with specific products, services, or promotions.
With Other Users: If you share personal information or interact with other users in public areas, all users may see this information and potentially share it externally. If you interact with other users through third-party social media services, contacts on those platforms may see your name, profile, pictures, and activity descriptions.
With Your Consent: With your consent, we may disclose your personal information for other purposes.
4.3 Transfer of Your Personal Data
We do not transfer your personal information to any organization, company, or individual except in the following cases:
We transfer your personal information with your explicit consent.
As required by applicable laws, regulations, legal procedures, or mandatory administrative or judicial requirements.
In the event of mergers, acquisitions, or bankruptcy, if personal information is transferred, we will require the new entity to adhere to this policy or seek your authorization again.
4.4 Public Disclosure of Your Personal Data
We will only disclose your personal information publicly in the following circumstances:
With your explicit consent, to disclose the personal information you have designated as agreed upon.
When required by legal procedures, litigation, or mandatory government demands, we may disclose your personal information. We will ensure that such requests have a legitimate basis, are from authorized law enforcement, and are limited to specific investigative purposes with the legal right to access the data.
4.5 Exceptions to Prior Authorization for Sharing, Transfer, or Public Disclosure of Personal Information
Under certain circumstances, we are not required to obtain your prior authorization for sharing, transferring, or publicly disclosing your personal information, including:
For fulfilling legal and regulatory obligations.
When related to national security or defense.
When related to public safety, public health, or significant public interests.
When related to criminal investigation, prosecution, trial, and enforcement of judgments.
When necessary to protect your or others’ significant legal rights and interests, such as life or property, but where consent is difficult to obtain.
Personal information you have already disclosed publicly.
Collection of personal information from legally publicly disclosed sources, such as legitimate news reports or government disclosure channels.
Our Technical and Operational Measures for Protecting Your Personal Information
We take the security of your personal information seriously and implement all reasonable and feasible measures to protect your personal data:
5.1 Data Security Technical Measures
We have adopted industry-standard security technologies and practices to prevent unauthorized access, modification, leakage, damage, or loss of your personal information:
Encryption Technology: We use encryption technology to securely store your personal information, ensuring the safety of transactions and personal data through security management, policies, processes, and network architecture.
Network Security: Our network services use encryption technologies such as Transport Layer Security (TLS) protocols and HTTPS to ensure secure browsing and protect your personal information during transmission.
Data Masking: To enhance the security of your personal information during use, we employ data masking techniques such as content replacement and hashing, especially when displaying or using personal data for calculations.
Malware Prevention: We implement white-box code security testing, black-box security testing, and intrusion detection and prevention technologies to guard your personal data against malicious code.
5.2 Other Security Measures for Protecting Personal Information
We manage and regulate the storage and use of your personal information through data classification, tiered management, security management standards, and secure development practices:
Access Controls: We enforce strict access controls and multi-factor authentication to protect your personal information. Access is granted only to authorized individuals, subject to strict confidentiality agreements, and is monitored through comprehensive security measures.
Security Audits: We conduct regular security audits of personal information, including code security checks and analysis of data access logs.
Information Security Committee: We have established an Information Security Committee with dedicated teams responsible for the security of personal information.
Training: We provide training on security and privacy protection to ensure that employees understand the importance of safeguarding personal data.
5.3 Handling Security Incidents
Security Assurance: While no online environment is 100% secure, we will take all reasonable steps to protect the information you send us. If our physical, technical, or administrative protection measures are breached, resulting in unauthorized access, disclosure, alteration, or destruction of your information, we will bear the legal responsibility for any impacts on your rights.
Incident Notification: If a security incident occurs involving your personal information, we will notify you promptly with details about the situation, possible impacts, actions taken or to be taken, self-protection advice, and remedial measures. We will inform you through email, letters, phone calls, push notifications, or other communication methods. If individual notifications are not possible, we will issue a public announcement. Additionally, we will report the incident to relevant regulatory authorities as required.
Contact Us: If you suspect that your personal information, especially account or password details, has been compromised, please contact us immediately through the provided contact methods so we can take appropriate action.
5.4 How We Store and Retain Your Personal Information
Retention Period: We will retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy and in compliance with applicable laws and regulations. In the interest of protecting your consumer rights, unless otherwise required by law, we will retain your personal information for up to one month after your account is canceled. After this period, your data will be deleted or anonymized.
Termination of Services: If you stop using our services, we will cease collecting and using your information, except where required by law. If we terminate our services or operations, we will stop collecting your personal information and notify you at least thirty days in advance. Upon service termination, your personal information will be deleted or anonymized.
Bright Cash - Secure Loan places great importance on your concerns about personal information. In accordance with Kenyan laws, regulations, and standards, we strive to ensure you can exercise the following rights regarding your personal information:
6.1 Access to Your Personal Information
You have the right to access your personal information at any time, except where restricted by laws and regulations. If you wish to access your data, you can do so through the following:
Your Application Information: Path in the mobile app: Bill page - My Application Status Inquiry.
Your Transaction Information: Path in the mobile app: Bill page - My Bills and other historical transaction information.
If you are unable to access this information through the above links, please contact us via the methods listed in the “How to Contact Us” section of this policy. We will respond to your access request and complete verification and processing within 15 working days.
For other personal information generated during your use of our products or services, we will provide it as long as it does not require excessive effort. You can contact us using the methods provided in the “How to Contact Us” section to request access.
6.2 Correction/Deletion of Your Personal Information
If you find errors in the personal information we process about you, you have the right to request corrections. You can submit a correction request through the methods listed under “Access to Your Personal Information.” If you cannot correct the information through the above links, please contact us using the methods provided in the “How to Contact Us” section. We will respond to your correction request and complete verification and processing within 15 working days.
Deletion of Your Personal Information
You can request the deletion of your personal information by calling our customer service under the following circumstances:
If our processing of personal information violates laws and regulations.
If we collect or use your personal information without your consent.
If our processing of personal information violates the agreement with you.
Upon receiving your deletion request, we will process the deletion in accordance with relevant laws and regulations and provide feedback. If we decide to comply with your deletion request, we will also notify the entities from whom we obtained your personal information, asking them to delete it promptly unless required otherwise by law or if these entities have independent authorization from you.
After you delete information from our services, it may not be immediately removed from backup systems, but it will be deleted when the backups are updated.
You can also withdraw our authorization to continue collecting your personal information by canceling your account.
Account Cancellation
You can apply to cancel your account directly within our product and/or service, cancel Bright Cash - Secure Loan financial services, or cancel specific service functions you have applied for. You can complete account cancellation through the mobile app by accessing “My - Account Cancellation” or contact us through the methods provided in the “How to Contact Us” section. After verifying your cancellation information and contract performance, we will process your account cancellation request.
Responding to Your Requests
For security reasons, you may need to provide a written request or prove your identity in other ways. We may first require you to verify your identity before processing your request. We will respond and complete verification and processing within 15 working days. We generally do not charge fees for reasonable requests, but may charge a fee for repetitive or excessive requests. Requests that are groundlessly repetitive, require excessive technical measures (e.g., developing new systems or changing existing practices), pose risks to others’ legal rights, or are impractical (e.g., involving information stored on backup tapes) may be refused. We cannot respond to your requests in the following situations:
Related to fulfilling legal obligations by the personal information controller.
Related to national security or defense.
Related to public safety, public health, or significant public interests.
Related to criminal investigations, prosecutions, trials, or enforcement of judgments.
Where there is sufficient evidence of subjective malice or abuse of rights by the data subject.
To protect significant legal rights of individuals or others but difficult to obtain consent.
Where responding to the request would severely harm the legal rights of individuals, organizations, or others.
Involving trade secrets.
6.3 Right to Know About Data Sales
In line with our policy, we do not sell your personal data. If our policy changes in the future, we will notify you beforehand and provide options to refuse data sales.
6.4 Right to Refuse Data Sales
You have the right to refuse the sale of your personal data. To exercise your rights, you can contact us through the following methods:
Email: service@agrocapital.cash
Phone: +52 66 8818 5328
Our services are not intended for anyone under the age of 18. We do not knowingly collect personal information from individuals under 18. If you are a parent or guardian and you are aware that your child has provided personal data to us, please contact us. If we discover that we have collected personal data from anyone under 18 without parental consent, we will take steps to delete this information from our servers.
If we need to rely on consent as the legal basis for processing your information, and your country requires parental consent, we may need to obtain your parents’ consent to collect and use this information.
We value your privacy and data security and are committed to providing transparent and reliable services. Below are our commitments and measures to ensure your data is secure and to affirm that we are not spyware or malicious software:
No Spyware Commitment
Our application does not contain any spyware, malware, or adware. We do not track your activities for unauthorized surveillance, nor do we secretly collect your personal information.
Transparent Data Collection and Use
We only collect data that is necessary to provide and improve our services. All data collection and use is done with the user’s knowledge and consent and strictly adheres to our privacy policy.
User Consent and Control
We provide a clear mechanism for user consent and allow users to withdraw consent at any time. Users can manage their personal data through in-app settings or by contacting us, including requesting access, correction, or deletion of data.
Data Security Measures
We use industry-standard encryption and access control technologies to ensure your data is secure. We conduct regular security audits and tests to maintain data integrity and security.
Compliance and Audits
We comply with all applicable privacy laws and regulations and regularly conduct internal and external audits to ensure our practices meet industry standards.
User Support and Contact Information
If you have any questions or concerns, please contact us at:
• Email: service@agrocapital.cash
• Phone: +52 66 8818 5328
We will provide assistance and answers as quickly as possible.
Policy Changes
Our privacy policy may change. We will not reduce your rights under this policy without your explicit consent. We will post any changes to this policy on the Bright Cash - Secure Loan Financial official website.
Notification of Significant Changes
For significant changes, we will notify you in a timely manner through one of the following methods: (1) Pop-up reminder when you log in to the relevant client software or use Bright Cash - Secure Loan Financial services;
(2) Pop-up reminder when you update the client software version;
(3) Push notification when you use Bright Cash - Secure Loan Financial services;
(4) Announcement on the Bright Cash - Secure Loan official website.
Significant changes referred to in this policy include but are not limited to:
(1) Major changes in our business and service model, such as business functions, purposes of processing personal information, types of personal information processed, ways of using personal information, etc.;
(2) Major changes in our ownership structure, organizational structure, etc., such as changes in ownership caused by business adjustments, bankruptcy mergers, etc.;
(3) Changes in the main objects of personal information sharing, transfer, or public disclosure;
(4) Major changes in your rights to participate in the processing of personal information and how these rights are exercised;
(5) Changes in the department responsible for handling personal information security, contact methods, and complaint channels;
(6) When a personal information security impact assessment report indicates a high risk.
Notification of Updated Information
To ensure you receive notifications in a timely manner, it is recommended that you notify us promptly when your contact information is updated. If you continue to use our services after the updated policy takes effect, it means you have fully read, understood, and accepted the updated policy and are willing to be bound by it. We encourage you to review this policy each time you use our services. You can view this policy in the Bright Cash - Secure Loan APP through “Profile - Bright Cash - Secure Loan Privacy Policy.”
Dedicated Personal Information Protection Department
We have established a dedicated department and a dedicated officer for personal information protection. If you have any questions, opinions, or suggestions regarding this policy or your personal information, please contact us through the following methods:
(1) Call customer service number: +52 66 8818 5328
(2) Send an email to: service@agrocapital.cash
(3) Go to the Bright Cash - Secure Loan APP and click on “Home - My - Help Center - Feedback.”
(4) Go to the Bright Cash - Secure Loan APP and click on “Home - My - Help Center - Customer Service Phone.”
The customer service department will work with the dedicated personal information protection department to respond to you promptly.
Response and External Channels
Generally, we will respond and complete the verification and processing within fifteen working days. If you are not satisfied with our response, especially if our personal information processing behavior has harmed your legitimate rights and interests, you can also seek a solution through the following external channels:
Filing a lawsuit with a court of competent jurisdiction
Filing a complaint or report with the relevant regulatory authority.
For the purposes of this Privacy Policy:
‘Account’ refers to the unique account created for you to access our services or parts of our services.
‘Affiliated Company’ refers to an entity that controls, is controlled by, or is under common control with a party, where “control” means owning 50% or more of the shares, equity interests, or other securities entitled to vote for directors or other managing authorities.
‘Application’ refers to the software program provided by the company, downloaded onto any of your electronic devices, named Bright Cash - Secure Loan.
‘Company’ (referred to as “the Company”, “we”, “us” or “our” in this Agreement) refers to Bright Cash - Secure Loan, located at MVC8, Sameer Industrial Park, Road C, Nairobi, Kenya.
‘Cookies’ are small files placed on your computer, mobile device, or any other device by a website, containing details of your browsing history and many uses.
‘Country’ refers to Kenya.
‘Device’ means any device that can access the service such as a computer, cellphone, or digital tablet.
‘Personal Data’ refers to any information related to an identified or identifiable individual.
‘Service’ refers to the application, website, or both.
‘Service Provider’ means any natural or legal person who processes data on behalf of the company. It refers to third-party companies or individuals employed by the company to facilitate the service, provide the service on behalf of the company, perform services related to the service, or assist the company in analyzing how the service is used.
‘Third-Party Social Media Service’ means any website or any social network website through which a user can log in or create an account to use the service.
‘Usage Data’ refers to data collected automatically, either generated by the use of the service or from the service infrastructure itself (for example, the duration of a page visit).
‘Website’ refers to Bright Cash - Secure Loan, accessible from https://www.agrocapital.cash.
‘You’ refers to the individual accessing or using the service, or the company or other legal entity on behalf of which such individual is accessing or using the service, as applicable.