Privacy Policy

Version 1.1

Last Updated: November 16, 2025

1. Introduction

Welcome to Chattak Electronic Money Institution ("Chattak EMI," "we," "us," or "our"). We are committed to protecting your privacy and handling your personal data in an open and transparent manner.

This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application (the "App") and our services. This policy is designed to comply with the requirements of Afghanistan's regulatory bodies, including Da Afghanistan Bank (DAB) and the Financial Transactions and Reports Analysis Center of Afghanistan (FinTRACA), as well as the standards required by mobile application marketplaces.

Please read this policy carefully. If you do not agree with the terms of this privacy policy, please do not access the App.

2. Information We Collect

To provide you with secure and compliant financial services, we need to collect certain personal information. The types of information we may collect include:

a) Personal Identification Information (PII):

  • Full name, date of birth, gender, and contact details (address, email address, phone number).
  • Official identification documents, primarily the Afghan national electronic identity card (e-Tazkira), for Know Your Customer (KYC) and Customer Due Diligence (CDD) purposes.
  • Biometric information, if required for identity verification and with your explicit consent.

b) Financial Information:

  • Transaction history, including dates, amounts, currencies, and counterparties.
  • Information related to your e-money wallet, such as balance and funding sources.
  • Sources of funds, where required by anti-money laundering regulations.

c) Device and Usage Information:

  • Information about your mobile device, such as IP address, device type, operating system, and unique device identifiers.
  • Information about how you use our App, including access times, features used, and pages viewed.
  • Optional Mobile Permissions: With your explicit consent, we may access your device's Camera (to scan documents like e-Tazkira for KYC) and Contacts (to facilitate sending money to friends). You may revoke these permissions at any time through your device settings.

d) Communications:

  • Information you provide when you contact our customer support team or respond to surveys.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To Provide and Manage Your Account: To create and maintain your account, process your transactions, and provide you with our electronic money services.
  • For Security and Fraud Prevention: To monitor and prevent fraudulent activities, unauthorized access, and other security incidents.
  • For Regulatory Compliance: To comply with legal obligations, including KYC, CDD, and Anti-Money Laundering (AML) / Countering the Financing of Terrorism (CFT) requirements set by DAB and FinTRACA.
  • To Improve Our Services: To analyze user behavior and feedback to enhance the functionality and user experience of the App.
  • For Communication: To send you service announcements, important updates, and promotional materials (with your consent).

4. How We Share Your Information

We do not sell your personal information. We may disclose your information to the following categories of recipients:

  • With Regulatory and Law Enforcement Bodies: We must share your information with bodies like Da Afghanistan Bank (DAB) and FinTRACA for compliance, reporting, and law enforcement purposes.
  • With Third-Party Service Providers: We may share your information with trusted vendors and partners who perform services on our behalf, such as data hosting, fraud detection, and IT security. These providers are contractually obligated to protect your data and are not permitted to use it for their own purposes.
  • For Legal Reasons: We may disclose your information if we believe it is necessary to respond to a subpoena, court order, or other legal process, or to protect our rights, property, or the safety of others.
  • In Case of Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
  • Data Storage and Transfer: All personal data is primarily processed and stored on secure servers located. If any data is transferred outside of Afghanistan, we ensure it is protected by the same level of security and in compliance with all applicable Afghan data protection laws.

5. Data Security

We take the security of your data very seriously and have implemented robust technical, administrative, and physical security measures to protect it from unauthorized access, use, alteration, or disclosure. These measures are based on the principles outlined in our internal security policies and include:

  • Access Controls: We enforce the Principle of Least Privilege and Role-Based Access Control to ensure that only authorized personnel with a legitimate business need can access your personal data.
  • Encryption: We use strong encryption to protect your sensitive data both at rest (when stored on our servers) and in transit (when transmitted over the internet).
  • Regular Audits: Our systems and security protocols are regularly audited to ensure ongoing protection.

6. Data Retention

We will retain your personal information for as long as your account is active and for a period thereafter as required by law.

Regulatory Requirement: Under Afghan regulations, specifically the Financial Customer Protection Regulation and AML/CFT laws, we are required to keep customer identification documents and transaction records for a minimum of Ten (10) years after the business relationship ends. We will securely delete or anonymize your information once it is no longer needed for these legal or regulatory purposes.

7. Cookies and Tracking Technologies

We and our third-party partners may use cookies, web beacons, and other tracking technologies to collect information about your interactions with our App and website. These technologies help us analyze service usage, prevent fraud, and manage our marketing efforts.

You have the option to refuse or disable cookies through your browser or device settings, but please note that doing so may limit your ability to use certain features of the Service.

8. Your Rights

You have certain rights regarding your personal information, subject to our legal and regulatory obligations. These rights may include:

  • The right to access: You can request a copy of the personal information we hold about you.
  • The right to rectification: You can request that we correct any inaccurate or incomplete information.
  • The right to be forgotten: You can request that we delete your personal information. Please note that we cannot delete information that we are legally required to retain, such as KYC records and transaction history (see Section 6).

To exercise any of these rights, please contact us using the details provided below.

9. Children's Privacy

Our services are not intended for users under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that a child under 16 has provided us with personal information, we will take steps to delete such information.

10. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this policy. You are advised to review this Privacy Policy periodically for any changes.

11. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Chattak

Traffic Square, PD4, Kabul, Afghanistan

Email: contact@chattak.com

Phone: +93 78 728 2840