Legal document

Privacy Policy

Last updated: April 14, 2026

Table of contents
Protecting your personal data is a priority for Katica. This policy explains what data we collect, why we collect it, and how you can exercise your rights.

1. Data Controller

The data controller is BytesMind, a company registered in Cameroon under number [RC NUMBER], reachable at privacy@katica.app.

2. Data Collected

2.1 Data Provided at Registration

  • First name and last name
  • Phone number
  • Email address
  • Password (stored encrypted, never in plain text)
  • Chosen role (buyer / seller)

2.2 Identity Verification Data (KYC)

  • Photo of national ID or passport
  • Proof of address
  • Verification selfie (where applicable)

2.3 Transaction Data

  • Amounts, dates and descriptions of transactions
  • Associated Mobile Money accounts (MTN, Orange)
  • Wallet movement history
  • Evidence submitted in disputes (photos, messages)

2.4 Technical Data

  • IP address and approximate location information
  • Browser type and operating system
  • Pages visited and actions performed on the platform
  • Connection and activity logs

3. Purposes of Processing

Purpose Legal basis
Creating and managing your account Contract performance
Processing transactions and escrow Contract performance
Identity verification (KYC / anti-fraud) Legal obligation
Dispute resolution Contract performance
Sending transaction notifications Contract performance
Platform improvement (analytics) Legitimate interest
Regulatory compliance and anti-money laundering Legal obligation
Marketing communications (with your consent) Consent

4. Retention Period

  • Active account data: for the duration of your registration
  • Transaction data: 10 years after closure (accounting obligation)
  • KYC documents: 5 years after the end of the commercial relationship
  • Technical logs: rolling 12 months
  • Cookie data: see our Cookie Policy

5. Data Sharing

Your data is never sold to third parties. It may be shared with:

  • Mobile Money operators (MTN, Orange) for payment processing
  • Technical providers (hosting, transactional emails) under confidentiality agreements
  • Competent authorities upon judicial requisition or legal obligation

All our subcontractors are subject to strict contractual obligations of confidentiality and security.

6. Data Security

Katica implements the following technical and organisational measures:

  • Data encryption in transit (TLS/HTTPS)
  • Passwords hashed with a secure algorithm (bcrypt)
  • Two-factor authentication (2FA) available
  • Data access limited to authorised staff
  • Regular encrypted backups
  • Access monitoring and alerts in case of suspicious activity

7. Your Rights

In accordance with applicable regulations, you have the following rights:

  • Right of access: obtain a copy of your personal data
  • Right of rectification: correct inaccurate data
  • Right of erasure: request deletion of your data (subject to legal retention obligations)
  • Right of portability: receive your data in a structured format
  • Right of objection: object to processing for marketing purposes
  • Right to withdraw consent: at any time for consent-based processing

To exercise your rights, contact us at privacy@katica.app. We will respond within 30 days.

8. International Transfers

Your data is primarily hosted and processed in Cameroon and/or the European Union. Any transfer to a third country is subject to appropriate safeguards (standard contractual clauses).

9. Changes

This policy may be updated. In the event of a material change, you will be notified by email at least 30 days before it takes effect. The date of last update is indicated at the top of this document.

10. Contact

For any questions regarding the protection of your data: privacy@katica.app

Back to home