AyaLend Privacy Policy

Effective Date: July 3, 2025

We may update this Privacy Policy to reflect changes in legal or business requirements. Updates will be communicated via in-app notifications, website announcements, or email. Your continued use of AyaLend constitutes agreement to the latest policy. If you disagree, please discontinue using our loan services.

1. AyaLend’s Commitment to Privacy

1.1 Who We Are

AyaLend is developed and operated by AVANÇA NA VIDA – SOCIEDADE DE MICRO CRÉDITO, LDA. (Registration No.: FCDS00000138792/18102023), Regulated by the Bank of Ghana, we provide secure and convenient loan services through the AyaLend mobile app, available on Google Play under the "Finance" category.

We are committed to protecting your personal information transparently and responsibly, in strict compliance with the Ghana Data Protection Act (2019) and Google Play 2025 Personal Loan App Privacy Requirements.

1.2 Scope of This Policy

This Privacy Policy applies to personal information we collect, process, and protect when you use the AyaLend app, website, or related services, including browsing, registration, loan applications, and account management.

1.3 Your Consent and Control

Transparency is central to our operations. Before you register, verify your identity, apply for a loan, or perform other actions, we provide clear prompts (e.g., pop-ups or process guides) explaining the purpose and use of your data. Explicit consent is required to proceed with loan-related features.

  • Non-consenting users: You may still use the app, but core features may be restricted.
  • Withdrawing consent: You may revoke consent for non-essential data uses at any time by contacting support@ayalend.com.

2. Information We Collect

2.1 Types of Data We Collect and Usage

AyaLend requests only the following permissions, strictly limited to necessary purposes:

  • Camera Permission:
    • To capture ID photos for KYC (Know Your Customer) verification.
    • To perform real-time facial recognition to prevent fraud.
    • Requested via runtime pop-ups, which you can disable in device settings without affecting browsing functionality.
    • The camera is used only when you actively initiate verification, with no background access.
  • SMS Permission:
    • With your authorization, we locally detect SMS containing financial or fraud-related keywords (primarily from banks or service providers) to ensure loan security and prevent fraud.
    • For credit assessment, risk management, and anti-fraud purposes, we may collect SMS logs and transmit/store them on our server (https://al.ayalend.com) financial SMS and unrelated personal content are filtered out and not stored.
    • When we request SMS permissions, the app provides a clear statement regarding the collection of SMS data. You are presented with clear "Agree" or "Disagree" options to make an informed choice.
    • You can disable this feature in your permission settings at any time, though this may affect access to full loan services.
  • Contacts (Emergency Only):
    • You are required to manually enter the names, relationships, and phone numbers of two emergency contacts.
    • We do not access or upload your contact list. These details are used for identity verification and fraud control.
  • Installed Apps:
    • Used to check for apps associated with financial activity or risk.
    • We do not access app usage behavior or unrelated apps.
  • Network & Device Info:
    • Purpose: Secure session management, fraud detection, and service continuity.
    • Includes Wi-Fi status, IP address, and Google Advertising ID (GAID).

For all the permissions mentioned above, we provide clear explanations regarding the purpose of data collection at the time of request. You are given explicit "Agree" and "Disagree" options, allowing you to make an informed and voluntary choice. If you choose "Disagree", you may still access certain features of the app.

2.2 Data Collection and Protection Mechanisms
  • Collection Method: Obtained through forms you complete or files you upload in the app.
  • Transmission Security: Data is encrypted using HTTPS (TLS 1.3) and sent to our servers (https://al.ayalend.com/ ).
  • Storage Security: Data is stored with AES-256 encryption, protected by firewalls and intrusion detection systems, with regular security audits.
  • No Tracking Tools: We do not use cookies, web beacons, or third-party analytics technologies.
2.3 SDK Disclosure
2.3.1 Use of Third-Party SDKs

To improve advertising performance and user acquisition tracking, AyaLend integrates the following third-party SDKs, used strictly for permitted and essential functions. We do not access sensitive device permissions or collect sensitive personal information through these SDKs. All SDKs are registered on the Google Play SDK Index and comply with Google Play’s data privacy and minimization guidelines.

  • AppsFlyer SDK: Provider: AppsFlyer Ltd.
    • Data Collected: App installation and engagement data, attribution and campaign effectiveness data, Google Advertising ID (GAID), basic diagnostic and performance metadata.
    • Purpose: To analyze how users discover AyaLend, track advertising performance, and improve user acquisition strategies.
    • Data Protection: No sensitive personal data collected, no access to sensitive permissions, data encrypted during transmission.
    • SDK Link: https://play.google.com/sdks/details/com-appsflyer-af-android-sdk
  • Facebook SDK: Provider: Meta Platforms Ireland Ltd.
    • Data Collected: Facebook App ID, limited interaction metadata, technical information to enable Facebook login or content sharing (if applicable).
    • Purpose: To allow users to interact with Facebook content and for attribution purposes related to marketing campaigns.
    • Data Protection: No sensitive permissions accessed, data retained only for the duration necessary, no data shared with third parties without explicit consent.
    • SDK Link: https://play.google.com/sdks/details/com-facebook-android-facebook-share
2.3.2 Data Transmission and Protection
  • All SDK-related data is encrypted using TLS 1.3 or higher during transmission.
  • SDK providers are prohibited from sharing data with unauthorized third parties.
  • SDKs are used only for legitimate, approved use cases.
  • We maintain an internal security framework with regular audits and risk assessments to ensure SDK compliance.
  • All SDK usage aligns with Ghanaian privacy regulations and Google Play’s 2025 Personal Loan App Privacy Requirements.

3. How We Use Your Data

We use your information only for the following essential purposes:

  • Identity Verification: To validate your identity through KYC processes and prevent fraud.
  • Credit Assessment: To evaluate creditworthiness for loan approvals.
  • Loan Management: To facilitate loan disbursement, repayment tracking, and overdue handling.
  • Customer Support: To address inquiries, resolve disputes, and enhance your experience.
  • Legal Compliance: To report data to the Ghana Credit Reference Bureau (CRB) or respond to regulatory requirements.
  • Security: To detect suspicious activity and safeguard your account.

Clear Statement: Your data will not be used for marketing or unrelated purposes without your explicit consent.

4. Data Sharing and Sales

4.1 Data Sharing and Leakage Prevention

We adhere to the data minimization principle, sharing data only in the following cases:

  • Ghana Credit Reference Bureau (CRB): With your authorization, we share identity and loan information for credit evaluation.
  • Regulatory Authorities: Data may be disclosed to the Bank of Ghana or Data Protection Commission as required by law.
  • Collection Partners: For overdue loans, after legal notification, we share necessary information (e.g., name, loan amount).
  • Service Providers: Limited data is shared with partners (e.g., payment processors) bound by confidentiality agreements to complete transactions.
4.2 Sharing Protections
  • Data is transmitted via TLS 1.3 encryption, restricted to specific purposes.
  • Partners must comply with strict data protection agreements.
  • We do not share data with third parties for advertising or marketing.
4.3 Data Sales Policy

Our Commitment:

  • AyaLend does not sell, lease, or use your personal information for commercial profit.
  • Your data is used solely for providing loan services, meeting legal obligations, or supporting essential operations (e.g., payment processing).
  • We ensure data is not misused or transferred without permission through encryption, access controls, and internal policies.

5. Data Security Measures

We implement the following measures to protect your information:

  • Encryption: TLS 1.3 for transmission, AES-256 for storage.
  • Access Control: Only authorized personnel can access data, with logs retained for at least 180 days.
  • System Protection: Firewalls, intrusion detection, and regular vulnerability scans.
  • Secure Development: Strict processes with ongoing risk monitoring and mitigation.

Note: While we employ advanced safeguards, internet transmission carries inherent risks. We recommend using our services in a secure environment.

6. Data Retention and Deletion

6.1 Retention Periods
  • Identity Information: Retained during account activity and for 7 years after deactivation to comply with legal requirements.
  • Emergency Contacts: Deleted within 90 days after loan repayment.
  • Transaction Data: Kept as required for tax or audit purposes, typically up to 7 years.
6.2 Deletion Process
  • Request Submission: Submit deletion requests via in-app features or support@ayalend.com.
  • Verification and Processing: Requires identity verification and loan clearance, completed within 15 working days.
  • Account Restriction: Deleted accounts cannot be re-registered to prevent misuse.
  • Legal Retention: If required by law (e.g., backup archives), data is isolated until deletion is possible.

7. Your Privacy Rights

Under the Ghana Data Protection Act (2019), you have the following rights:

  • Access: View the personal information we hold.
  • Correction: Amend inaccurate or incomplete data.
  • Deletion: Request data deletion, subject to legal conditions.
  • Restriction: Limit non-essential data processing.
  • Revocation of Consent: Withdraw authorization for non-essential data uses.

How to Exercise: Submit requests via support@ayalend.com or in-app features. We will respond within 15 working days. If dissatisfied, you may contact the Ghana Data Protection Commission.

8. Protection of Minors

  • AyaLend serves only users aged 18 and above.
  • KYC processes verify age via ID documents, ensuring minors cannot register or borrow.
  • If minor data is detected, it is immediately deleted.
  • Parents or guardians may contact support@ayalend.com to address concerns.

9. Data Protection Officer

We have appointed a dedicated Data Protection Officer (DPO) responsible for:

  • Overseeing privacy compliance.
  • Handling user requests and complaints related to privacy.
  • Reporting to regulatory authorities.
  • Updating privacy measures.

Contact: dpo@avancanavida.co (response within 15 working days).

10. Contact Us

  • Company Name: AVANÇA NA VIDA – SOCIEDADE DE MICRO CRÉDITO, LDA.
  • Customer Support Email: support@ayalend.com
  • Privacy Officer Email: dpo@avancanavida.co
  • Address: P. O. Box 494, Weija-Accra, Ghana
  • Working Hours: Monday to Friday, 09:00–18:00 (local time)

AyaLend is a product of AVANÇA NA VIDA – SOCIEDADE DE MICRO CRÉDITO, LDA, providing fast and secure personal loans in Ghana. Empowering your financial future.

Contact Information

WhatsApp / Phone
+233 553408479
Email
support@ayalend.com
Address
P. O. Box 494, Weija-Accra

Help & Support