Legal

Privacy Policy

We are committed to protecting your personal data and being transparent about how we collect, use, and safeguard it across our messaging services.

Last Updated: 12 May 2025
Eira Digital Co. Limited

Thank you for choosing eSMS Africa, a product by Eira Digital Co. Limited. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Bulk SMS, OTP & Verification, SMS APIs, Voice, and SMPP connectivity services through www.esmsafrica.io and app.esmsafrica.io.

Scope & Applicability

This Privacy Policy applies to all users in the following countries where we operate:

Uganda
Kenya
Tanzania
Rwanda
Ghana
Malawi
Nigeria
Zambia
Burundi
Ivory Coast

Information We Collect

Personal Data

We collect information that identifies individuals, including:

  • Contact Information: Full name, email address, phone number
  • Identification Details: Government-issued ID (for KYC compliance)
  • Account Credentials: Usernames, passwords (hashed)
  • Payment Information: Credit card details (processed via Flutterwave), Mobile Money, and bank transfer records
  • Communication Records: Support tickets, email correspondence
  • Technical Data: IP addresses, device information, browser type

Company / Organization Data

For business accounts, we collect:

  • Business Identification: Company name, registration number, tax ID
  • Official Documents: Certificates of incorporation, business licenses
  • Organizational Details: Physical address, industry sector, company size
  • Authorized Representatives: Names and positions of account administrators
  • Billing Information: Invoices, payment history, VAT records

Service Usage Data

  • Messaging Metrics: SMS delivery logs, timestamps, recipient numbers
  • API Usage: Call volumes, response times, error logs
  • System Interactions: Dashboard activity, feature usage patterns

Automatically Collected Data

Through cookies and similar technologies:

  • Session Information: Login times, duration of visits
  • Analytics Data: Page views, clickstream data
  • Device Information: Operating system, screen resolution

How We Use Your Data

We process your information to:

  • Provide and maintain our SMS, Voice, and USSD services
  • Process transactions through Flutterwave and other payment gateways
  • Verify business accounts and comply with regulatory requirements
  • Monitor and analyze service usage and performance
  • Prevent fraudulent activities and enhance security
  • Communicate service updates and important notices
  • Improve user experience and develop new features

Data Sharing & Third Parties

We may share data with:

  • Payment Processors: Flutterwave for transaction processing
  • Telecommunication Providers: For SMS/Voice message routing and delivery
  • Cloud Service Providers: AWS, Google Cloud for data hosting
  • Regulatory Authorities: When required by law in our operating countries
  • Business Partners: With whom we collaborate to provide services

All third-party providers are contractually obligated to maintain confidentiality and security of your data.

International Data Transfers

Your data may be transferred to and processed in countries outside of your residence. We ensure all transfers comply with applicable data protection laws through:

  • Standard contractual clauses
  • Adequacy decisions where applicable
  • Other lawful transfer mechanisms

Data Security

We implement robust security measures including:

  • End-to-end encryption for sensitive data
  • Regular security audits and penetration testing
  • Multi-factor authentication for account access
  • Role-based access controls for employees
  • Secure development practices for our applications

Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access and receive a copy of your personal data
  • Request correction of inaccurate information
  • Request deletion of your data under certain conditions
  • Object to processing of your personal data
  • Request restriction of processing
  • Withdraw consent where processing is based on consent
  • Lodge a complaint with a data protection authority

Data Retention

We retain personal data:

  • For as long as necessary to provide our services
  • To comply with legal obligations (typically 5–7 years for financial records)
  • For legitimate business purposes
  • Until account deletion requests are processed

Aggregated data may be retained indefinitely for analytics.

Cookies & Tracking Technologies

We use:

  • Essential Cookies: Necessary for platform functionality
  • Analytics Cookies: Google Analytics to understand usage patterns
  • Preference Cookies: To remember your settings

You can manage cookie preferences through your browser settings.

Children's Privacy

Our services are not directed to individuals under 18. We do not knowingly collect personal information from children without parental consent.

Policy Updates

We may update this policy periodically. Material changes will be communicated through:

  • Email notifications to registered users
  • Dashboard announcements
  • Updated revision dates on this page

Contact Us

For any privacy-related inquiries or to exercise your rights:

Data Protection Officer
Eira Digital Co. Limited
+256 740 802 259
P.O.BOX 120778, Kampala, Uganda