Orbit Microfinance logo
Orbit MicrofinanceModern Microfinance Platform
Back to Home

Privacy Policy

Last updated: January 24, 2025

1. Introduction

OrbitMFI, a product of MultiSphere Technologies ("we", "our", or "us") is committed to protecting your privacy and ensuring the security of your personal and financial information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our microfinance management platform at orbitmfi.com (our "Service").

By using OrbitMFI, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us, including:

  • Identity Information: Name, date of birth, government-issued ID numbers, photographs
  • Contact Information: Email address, phone number, physical address
  • Financial Information: Bank account details, income information, credit history, loan application data
  • Employment Information: Employer name, job title, work history, salary details
  • Account Credentials: Username, password (encrypted), security questions

2.2 Usage Data

We automatically collect information about how you interact with our Service:

  • IP address, browser type, and version
  • Pages visited, time spent on pages, and navigation paths
  • Device information (type, operating system, unique device identifiers)
  • Login times and access logs
  • Actions taken within the platform

2.3 Third-Party Data

With your consent, we may collect information from third-party sources including:

  • Credit bureaus and credit reference agencies
  • Payment processors (Paystack, Mobile Money providers)
  • Identity verification services
  • Social media platforms (if you choose to connect them)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Service Provision: To provide, maintain, and improve our microfinance platform
  • Account Management: To create and manage your account, authenticate users
  • Loan Processing: To evaluate loan applications, assess creditworthiness, process disbursements and repayments
  • Communications: To send transaction alerts, payment reminders, account updates via SMS, email, or in-app notifications
  • Fraud Prevention: To detect, prevent, and address fraudulent activities and security threats
  • Compliance: To comply with legal obligations, regulatory requirements, and Bank of Ghana (BoG) regulations
  • Analytics: To understand usage patterns and improve user experience
  • Customer Support: To respond to your requests and provide technical support

4. Data Security Measures

We implement industry-leading security measures to protect your information:

  • Encryption: All data is encrypted in transit (SSL/TLS) and at rest (AES-256)
  • Access Controls: Role-based access control (RBAC) and multi-factor authentication (MFA)
  • Data Isolation: Tenant-level and branch-level Row Level Security (RLS) ensures complete data separation
  • Regular Audits: Quarterly security assessments and penetration testing
  • Backup Systems: Automated daily backups with 30-day retention and point-in-time recovery
  • Monitoring: 24/7 system monitoring and intrusion detection
  • Compliance: Adherence to PCI-DSS, GDPR, and local data protection regulations

5. Data Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • With Your Consent: When you explicitly authorize us to share specific information
  • Service Providers: With trusted third parties who assist in operating our platform (e.g., Paystack for payments, SMS providers)
  • Legal Requirements: When required by law, court order, or government request
  • Credit Bureaus: To report payment history and credit information as part of responsible lending
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with prior notice)
  • Fraud Prevention: To protect against fraud, unauthorized transactions, and other illegal activities

6. Data Retention

We retain your personal information for as long as necessary to:

  • Provide our services to you
  • Comply with legal obligations (typically 7 years for financial records)
  • Resolve disputes and enforce our agreements
  • Maintain security and prevent fraud

After account closure, we will delete or anonymize your personal data within 90 days, except where retention is required by law.

7. Your Rights and Choices

You have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Update or correct inaccurate information
  • Deletion: Request deletion of your personal information (subject to legal requirements)
  • Portability: Request your data in a machine-readable format
  • Objection: Object to certain processing activities
  • Withdraw Consent: Withdraw previously given consent (may affect service availability)
  • Communication Preferences: Opt-out of marketing communications

To exercise these rights, please contact us at support@orbitmfi.com.

8. Cookies and Tracking Technologies

OrbitMFI uses cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for platform functionality (authentication, security)
  • Performance Cookies: Help us understand how you use the platform
  • Analytics: Aggregate usage data to improve our services

You can control cookies through your browser settings, but disabling certain cookies may affect functionality.

9. International Data Transfers

Your information is primarily stored in Ghana on secure servers. If we transfer data internationally, we ensure appropriate safeguards are in place through standard contractual clauses or other approved mechanisms.

10. Children's Privacy

OrbitMFI is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we discover we have collected information from a child, we will delete it immediately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes via:

  • Email notification
  • In-platform banner alerts
  • Prominent notice on our website

Changes will be effective 30 days after notification, unless otherwise stated.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

  • Data Protection Officer: privacy@orbitmfi.com
  • General Support: support@orbitmfi.com
  • Phone: +233 24 939 7960 | +233 24 592 9202
  • Address: No. 45 Independence Avenue, Ridge, Accra, Ghana
  • Website: www.orbitmfi.com

Regulatory Authority: For data protection complaints, you may also contact the Data Protection Commission of Ghana.