Nichomez — Growing together

Privacy Policy

Nichomez Enterprise · Last updated: 8 June 2026 · Applies to nichomez.com, api.nichomez.com, and the Nichomez Android app

Nichomez Enterprise ("Nichomez", "we", "us") provides multi-tenant financial management software for help groups, GROUP/SACCOs, and cooperatives. This Privacy Policy explains how we collect, use, store, and share information when you use our marketing website, web application, APIs, and mobile app.

1. Who this policy covers

  • Visitors to nichomez.com (product information and live aggregate statistics).
  • Members and officials who sign in at api.nichomez.com or through the Nichomez Android app.
  • GROUP/SACCO administrators who configure tenant settings, reports, communications, and payment integrations.

Each GROUP/SACCO is a separate tenant. Your organization’s officials control most day-to-day data about members. Nichomez operates the platform infrastructure, security, and shared payment rails on their behalf.

2. Information we collect

Depending on how you use Nichomez, we may process:

  • Account and identity data: name, phone number, email address, national ID or registration number where collected by your GROUP/SACCO, login credentials, role (member, official, collector), and session tokens.
  • Financial and membership data: contributions, share capital, loan applications and balances, repayments, fines, dividends, withdrawals, guarantor details, statements, and ledger postings maintained for your organization.
  • Payment and wallet data: M-Pesa references, STK push receipts, paybill details, KCB e-wallet transaction references, and reconciliation metadata required to post deposits and disbursements.
  • Communications: SMS and email content sent through the platform, reminder preferences, and delivery logs.
  • Device and technical data: IP address, browser or app version, device type, operating system, crash diagnostics, and API request logs used for security and reliability.
  • Voice input (optional): if you use the in-app assistant with speech dictation, audio is processed to text for your session. We do not use voice data for advertising.
  • Contact picker (officials only): when registering a member from phone contacts, you choose a contact through the system picker. We receive only the fields you confirm in the registration form — not your full address book.

3. How we use information

  • Authenticate users and enforce role-based access within each tenant.
  • Operate ledgers, loans, contributions, reports, and official workflows requested by your GROUP/SACCO.
  • Send transactional SMS, email, and in-app notices (e.g. payment reminders, loan installments).
  • Integrate with payment providers (including KCB and M-Pesa) to initiate and reconcile payments you authorize.
  • Run optional programs your officials enable, such as debt collection hubs and member referral rewards.
  • Monitor platform health, prevent fraud, and improve reliability and security.
  • Display aggregate, non-personal statistics on nichomez.com (e.g. total registered members across tenants).

4. Legal bases and your organization’s role

Nichomez processes data to perform our contract with your GROUP/SACCO and its members, to comply with applicable law, and — where appropriate — with consent (for example, optional programs or marketing communications your officials enable). Your GROUP/SACCO remains responsible for informing members about how their data is used within that organization and for collecting any consents required under Kenyan law.

5. Sharing and disclosure

We do not sell personal data. We may share information with:

  • Your GROUP/SACCO officials and other authorized users within the same tenant.
  • Service providers that host infrastructure, deliver SMS/email, or process payments — under contractual confidentiality and security obligations.
  • Regulators or courts when required by law, or to protect rights, safety, and platform integrity.
  • Other members only where your GROUP/SACCO’s policies and product features make information visible (e.g. guarantor lists, referral attribution).

6. Data retention and security

We retain data for as long as your GROUP/SACCO uses the platform and as needed for accounting, audit, dispute resolution, and legal obligations. We apply access controls, encryption in transit (HTTPS/TLS), tenant isolation, and operational monitoring. The Android app stores session tokens locally with backup disabled at the application level.

7. International processing

Infrastructure providers may process data outside Kenya. Where this occurs, we require appropriate safeguards consistent with applicable data-protection requirements.

8. Your rights and choices

Subject to law and your GROUP/SACCO’s policies, you may request to:

  • Access or correct personal data we hold about you.
  • Withdraw consent for optional processing where consent is the legal basis.
  • Object to or restrict certain processing, or request deletion where no longer required.

Contact your GROUP/SACCO officials first for member-record changes. For platform-level requests, reach us through your organization’s Nichomez administrator or the support channel provided in the application. To delete an unpaid demo or trial Nichomez login, use our account deletion page.

9. Children

Nichomez is intended for registered members and officials of financial groups. We do not knowingly collect data from children under 18 without appropriate authorization from a guardian and the GROUP/SACCO.

10. Changes to this policy

We may update this policy from time to time. Material changes will be reflected on this page with a revised "Last updated" date. Continued use of Nichomez after changes constitutes acceptance of the updated policy.

11. Contact

Nichomez Enterprise
Nairobi, Kenya
Platform: api.nichomez.com
Related document: Terms of Service