Kenya's Tala Gets Data Controller Approval
Kenya-based Fintech, Tala, has gained permission from Kenya’s Office of Data Protection Commissioner (ODPC) Tala can now perform duties as a data controller in the East African Nation.
With this approval, the lending platform will be able to regulate the processing of confidential data, determine the objective of processing such data and compel other regulating and certified organizations or third parties to process or withhold such information in its place.
Confirming the accreditation. Munyi Nthigah, Tala’s General Manager emphasized that his fintech only requests information sincerely needed by users to gain access to Tala’s features some of which include loan underwriting and procure full exposure on how it utilizes customer’s information in its privacy policies.
Data retrieved during the loan application process are meant to be used solely to verify the applicant’s information, their identity, and to develop a credit scoring profile.
Tala provides an accessible digital Financial service, that offers its users easy disbursement of loans irrespective of the user’s credit history or score. The loan provider also offers loan interest as low as 5%.
Explaining the significance of the approval to Tala, Munyi Nthigah said “This is a great milestone for our company, especially as we diversify our product portfolio and expand across markets. At the core of Tala’s consumer data protection policies are the safeguards, security measures and mechanisms we have implemented to protect personal data so that we are able to swiftly react to any potential data breach,”.
Tala’s Legal Director, Nicola Muriuki, then urges the fintech customers of about 3.5 million, to patiently acquaint themselves and comprehend their data rights as Kenyan citizens and also as customers of the services, through the Privacy Notice section of the Tala mobile application.
The Office of the Data Protection Commission has instructed all data processors and controllers in the country to accordingly register their organization with respect to the 2019 provisions of the Data Protection Act.