Privacy Policy

Bingwa Flash helps Bingwa Sokoni agents automate USSD fulfilment after receiving M-Pesa payments. This policy explains what information the app and website use, why it is needed, and how agents and customers can control it.

We collect only the information needed to run account, automation, order, support, and billing features:

• Account details: email address, agent name, business name, phone number, username, till number, and verification status.
• App settings: offer configuration, USSD mappings, retry settings, notification templates, relay rules, and web order settings.
• Transaction records: customer name or phone when available, amount, offer, status, execution responses, and timestamps.
• Support messages and diagnostic information needed to resolve errors or abuse.
• Subscription, token, and payment metadata needed to enable paid features.
• Web order data: paying phone number, receiving phone number, offer selected, M-Pesa reference, and order status.

With the agent's permission, the Android app reads relevant SMS messages to detect M-Pesa payment confirmations, Safaricom responses, verifier messages, relay packets, web order SMS, and masked-number lookup responses. The app uses this information to create transactions, run configured USSD steps, update status, send configured auto-replies, and recover pending work.

Accessibility and phone permissions are used only to support automation, observe USSD windows, enter configured steps, and close or recover from USSD sessions. The app may store USSD response text in transaction history so the agent can audit what happened.

Client lists are stored primarily on the agent's device. Clients may be added manually, imported from M-Pesa inbox messages, imported from files, saved from masked-number resolution, or registered from the website when the agent enables website registration.

When a client registers from the website, the website temporarily writes the registration to Firestore so the agent app can fetch it. After the app imports it locally, the remote client payload is deleted where possible. A small client PIN record may remain so the client can manage their own registration.

If the agent enables contact auto-save, the app may save imported clients to the selected phone, SIM, or Google contacts storage available on the device.

Agents can publish a public order page using their username. Public pages may show the agent name, business name, phone number, till number, verification badge status, web order availability, and enabled public offers.

When a customer places a web order, we collect the paying phone number, receiving phone number, offer selected, M-Pesa transaction reference, and order status. This data is used to trigger the STK push payment, notify the agent app, and complete the order. Funds collected from the M-Pesa STK push are forwarded to the agent almost immediately after payment confirmation. Bingwa Flash acts as an intermediary only and does not hold funds beyond the time needed to process the transaction.

Relay features allow agents to send or receive transaction packets using configured relay methods such as SMS, online relay, hotspot, or Bluetooth. Online relay uses Firestore only when an enabled online receiver rule exists.

Portal features allow an authorised web session to view or control selected device activity when the agent enables it. If portal sync is disabled, or no active viewer is present under the configured rules, the app is designed to avoid unnecessary portal reads and writes.

• Authenticate agents and protect accounts from unauthorised access.
• Run transaction automation, retries, reschedules, verifications, and fail recovery.
• Show dashboards, commissions, statistics, transaction details, and client history.
• Publish web order pages, receive web order payments, and forward funds to agents.
• Send configured SMS replies, relay packets, and agent alerts.
• Investigate crashes, abuse, fraud, and support requests.
• Comply with legal obligations and protect the safety of users and the platform.

We do not sell personal information. We use Google Firebase and Google Cloud services for authentication, Firestore, hosting, functions, crash diagnostics, and related infrastructure.

We may share information with third parties only in the following circumstances:

• With infrastructure providers (Google Cloud / Firebase) as needed to operate the service.
• With Safaricom or M-Pesa where required to process payments or resolve payment disputes.
• As required by applicable law, court order, or regulatory request.
• Where we reasonably believe disclosure is necessary to prevent fraud, abuse, or harm to users or the platform — see section 09 below.

Bingwa Flash takes fraud, abuse, and platform interference seriously. We reserve the right to collect, retain, and disclose the following information to Safaricom, law enforcement, or other relevant authorities when we have reasonable grounds to believe fraud, criminal activity, or serious abuse has occurred:

• Phone numbers (paying number, receiving number, agent phone number).
• M-Pesa transaction references, amounts, timestamps, and order records.
• Agent account details including name, business name, username, and till number.
• Device identifiers, IP addresses, and session records where available.
• Any other information relevant to the investigation of the reported incident.

Any attempt to overload, disrupt, scrape, probe, or otherwise interfere with the Bingwa Flash platform — including its website, API endpoints, Firebase resources, or agent order pages — is a violation of our Terms of Service and may be reported to law enforcement. We log and monitor platform activity and may take legal action where warranted.

Local transaction and client history remains on the agent device until the agent deletes it, clears app data, or uninstalls the app. Firestore records are retained only as long as needed for account, website, relay, portal, billing, support, and abuse-prevention features. Website order data is retained long enough to confirm delivery and resolve any disputes. Website client inbox data is intended to be short-lived and deleted after app import.

• Agents can disable automation, relay rules, portal sync, web orders, website registration, verifier matching, alerts, and contact auto-save from app settings.
• Agents can delete local clients and transaction records from the app.
• Clients can request removal from an agent's client list through the website flow where available, or by contacting the agent.
• You may request account deletion or data assistance by contacting support at support@bingwaflash.co.ke.

We use Firebase Authentication, Firestore security rules, HTTPS, and app-side access controls to protect data. No system is perfect, so agents should keep their devices locked, avoid sharing credentials, and review automation settings regularly.

For privacy questions, account deletion, fraud reports, or support, contact support@bingwaflash.co.ke or visit bingwaflash.co.ke.