Legal

Privacy Policy

Your privacy is core to how Moovn is built. This policy explains what personal data we collect, why we collect it, how we use and share it, how long we keep it, and the rights you have over it.

Last updated: July 3, 2026

Moovn Technologies (“Moovn”, “we”, “us”) operates a mobility, financing, and fintech platform serving riders, drivers, fleet and vendor partners, and enterprise accounts. This policy applies to our apps, portals, and websites. We handle personal data in line with applicable law — including Kenya's Data Protection Act 2019 and Tanzania's Personal Data Protection Act 2022 — and the principle of collecting only what we need.

The short version

Partners see aliases, not you

Business partners and fleets get opaque, stable references — not your name, phone, or exact ride details.

Never your card number

We hold a payment token, card type, and last four digits — your full PAN and CVV never touch our systems.

Consent, recorded verifiably

Each acceptance is stored with the terms version, a hash of the document, and the timestamp and IP.

One-click unsubscribe

Every marketing email carries a one-click unsubscribe and List-Unsubscribe headers. Service alerts stay on.

Information We Collect

We collect the following categories of personal data, depending on how you use Moovn:

  • Account & profile data — your name, phone number, email address, password (stored only as a salted hash, never in the clear), profile photo, and role (rider, driver, partner, or corporate user).
  • Identity & KYC documents — for drivers and partners, the identity and eligibility documents required to verify you and meet legal obligations (e.g. national ID, driving licence, vehicle and insurance documents). These are collected with your consent and used solely for verification, eligibility, and compliance.
  • Location data — for rides and deliveries, we collect location while the relevant feature is in use, to match trips, provide navigation, calculate fares, and reconcile completed rides. We do not use ride location for unrelated purposes.
  • Device & usage data — device type, app version, and technical logs used to operate the service, keep it secure, and diagnose problems.
  • Payment data — wallet balances, transaction history, and mobile-money details (e.g. M-Pesa phone number and amount). For card payments we receive only a payment token, the card type, and the last four digits from our PCI-compliant payment providers. We never store, log, or transmit your full card number or CVV— card capture happens on the provider's hosted page or fields, not on our systems.

Why We Collect It & How We Use It

  • To provide the core service — book and dispatch rides and deliveries, run driver and vehicle financing, process wallet and settlement transactions, and manage partner programs.
  • To verify identity and eligibility (KYC) and meet our legal, regulatory, and anti-fraud obligations.
  • To keep the platform secure — detecting fraud, abuse, and unauthorized access.
  • To support you, respond to requests, and send service and transaction notifications.
  • To improve the platform and, where you have opted in, to send product and marketing updates.

Lawful Basis & Consent

We process personal data on the lawful bases that apply to each use: to perform our contract with you, to comply with legal obligations (KYC, financial regulation), for our legitimate interests in operating a safe and reliable platform, and — where required — on the basis of your consent.

Consent is captured explicitly and recorded verifiably. When you accept our terms — for example during onboarding or partner enrollment — we record a tamper-evident consent snapshot: the version of the terms you agreed to, a cryptographic hash of that document, and the timestamp and IP address of your acceptance. Sensitive KYC-augmentation signals are strictly opt-in, allow-listed, and recorded with their provenance, and you can withdraw that consent at any time.

How We Share Your Data

We do not sell your personal data. We share it only where necessary and with appropriate safeguards:

  • Business partners and fleet managers see aliases, not raw PII. Moovn is the system of record. Partners and corporate accounts receive aggregate figures and opaque, stable references (not your name, phone, or exact ride details). When an issue needs escalation, they raise the opaque reference to Moovn, which resolves it against the real identity — so the minimum amount of personal data ever leaves our trust boundary.
  • Payment and infrastructure providers — PCI-compliant payment processors, mobile-money networks, cloud, and communications providers that operate the service under contract.
  • Legal and regulatory — where we are required to disclose data by law, regulation, or valid legal process.

Data Retention

We keep personal data only as long as needed for the purpose it was collected, or as long as the law requires — for example, financial and KYC records are retained for the statutory periods that apply to regulated financial services. When data is no longer needed, we delete it or irreversibly anonymize it.

Your Rights

Subject to applicable law, you have the right to:

  • Access the personal data we hold about you.
  • Correct data that is inaccurate or out of date.
  • Erasure — request deletion of your data where we are not legally required to keep it.
  • Withdraw consent for any processing based on consent, without affecting prior lawful processing.
  • Unsubscribe from marketing at any time (see below).

To exercise any of these rights, contact us at hello@moovn.com. We may need to verify your identity before acting on a request.

Marketing & Unsubscribe

We only send marketing email where you have opted in. Every marketing message includes a one-click unsubscribe link and standard List-Unsubscribe headers, so your mail client can unsubscribe you directly. Unsubscribing from marketing does not stop essential service and transaction notifications.

How We Protect Your Data

We encrypt data in transit (TLS) and at rest, minimize the personal data partners can see, enforce least-privilege access, and keep a tamper-evident audit trail of privileged actions. Read more on our Security & Compliance page.

Contact Us

Questions about this policy or how we handle your data? Reach our team at hello@moovn.com or through our contact form. If you believe we have not resolved a concern, you may also contact the data-protection authority in your country.