Privacy Policy

Beys Technologies Ltd. ("Beys", "we", "us") operates a payment gateway accessible at beys.co.tz and through our APIs. This policy describes what personal data we collect, how we use it, and the rights you have under the Tanzania Personal Data Protection Act, GDPR, and similar regulations.

1. Data we collect

Account data: name, email, business name, country, and authentication credentials. Transaction data: card or mobile-money token, amount, currency (TZS and USD), IP address, device fingerprint, and merchant metadata. Communications: support tickets and email correspondence. We do not store full card numbers — PANs are tokenized via our PCI DSS Level 1 vault.

2. How we use it

To process payments, prevent fraud, comply with KYC/AML obligations under Bank of Tanzania guidelines, deliver product updates, and improve the service. We never sell personal data and we do not use it to train third-party models.

3. Legal basis

Performance of contract for transaction processing; legal obligation for financial-crime monitoring; legitimate interest for fraud prevention and product analytics; consent for marketing email.

4. Sharing

With card networks (Visa, Mastercard), mobile-money providers (M-Pesa, Tigo Pesa, Airtel Money), acquiring banks, and regulators when legally required.

5. Retention

Transaction records: 7 years (regulatory). Account data: lifetime of account + 90 days. Support tickets: 3 years. Backups: 35 days.

6. Your rights

Access, rectification, erasure, restriction, portability, and objection. Email privacy@beys.co.tz with verification. We respond within 30 days.

7. International transfers

Data is processed in Tanzania and EU (Frankfurt). Cross-border transfers use Standard Contractual Clauses + supplementary measures.

8. Contact

Data Protection Officer: dpo@beys.co.tz · Mbezi Beach, Dar es Salaam, Tanzania · +255 747 636 287.