Privacy Policy — SusuBox

1. What we collect

Account info: full name, email, phone number.
KYC info: ID type, ID number, and (where applicable) ID document image.
Financial activity: contributions, payouts, withdrawals, wallet balance.
Technical: IP address, device type, and basic usage logs for security.

2. How we use your information

We use your data to operate your account, verify your identity, process contributions and payouts, prevent fraud, comply with legal obligations, and send transactional notifications (e.g., approvals, payout confirmations).

3. Who can see your data

Other members of your savings group can see your name and your position in the payout queue. They cannot see your KYC documents, ID number, email, or wallet balance. Only SusuBox admins can review KYC submissions and process payouts.

4. Data retention

We retain account, transaction, and audit data for as long as your account is active and for up to 7 years after closure to comply with financial record-keeping requirements.

5. Security

We use encrypted connections (HTTPS), database row-level security, and role-based admin access. Every admin action is recorded in an immutable audit log. Daily encrypted backups are taken automatically.

6. Your rights

You can request a copy of your data, ask us to correct it, or request deletion of your account (subject to legal retention requirements). Email us at privacy@susubox.app.

7. Cookies

We use only essential cookies needed to keep you signed in. We do not use third-party advertising or tracking cookies.

8. Changes

We may update this policy. Material changes will be communicated via email or in-app notification.