Privacy Policy

At Ripple – Stay Connected ("Ripple", "we", "us", or "our"), protecting your privacy and personal data is a top priority. Ripple is owned and developed by Navjo Synk Solutions (Pvt) LTD, and all data is processed and controlled through Navjo Synk Solutions. We are committed to using reasonable, appropriate, and industry-standard safeguards to protect your information and to handling your data transparently and responsibly in compliance with the Zimbabwe Cyber and Data Protection Act (CDPA) and related regulations.

This Privacy Policy explains how we collect, use, store, share, and protect your information when you use the Ripple mobile application and related services (collectively, the "Services"). By using Ripple, you agree to the practices described in this Privacy Policy.

1. Information We Collect

1.1 Information You Provide Directly

We collect information you choose to provide when you interact with Ripple, including:

• Account Information: Full name, username, email address, phone number, date of birth, profile photo.
• Host Application & Verification Data (Sensitive Data): Government-issued identification, proof of identity, and biometric data. By submitting an application to become a host, you provide explicit, written consent to Ripple – Stay Connected and Navjo Synk Solutions to store and process your personal identification documents for identity verification and fraud prevention purposes.
• Payment & Financial Information: Payment method details, payout account details.
• Event & Ticket Information: Event descriptions, pricing, images, ticket sales data, refund records, and related activity.
• Communications: Customer support interactions, reports, and feedback.

You are responsible for ensuring the accuracy of the information you provide.

1.2 Location & Map-Based Discovery Data

Ripple provides map-based discovery features that allow users to see nearby people and events. With your permission, we may collect and process:

• Real-time or approximate location data
• Online or active status, which may cause your profile pin to appear on the map
• Location usage patterns, where permitted by your device and app settings

You remain in control of your location sharing and can disable or limit visibility at any time through your device or app settings.

1.3 Automatically Collected Data

When you use Ripple, we automatically collect certain technical and usage information, including:

• IP address and network information
• Device identifiers, operating system, and app version
• Log files, crash reports, cookies, and similar technologies
• Interaction data such as pages viewed, features used, and event engagement

This data helps us improve performance, security, and user experience.

2. How We Use Your Information

We use your information to:

• Operate, maintain, and improve Ripple’s services
• Enable social discovery, map visibility, and event participation
• Process ticket purchases, refunds, and host payouts
• Verify user identities and host applications
• Detect, prevent, and investigate fraud, abuse, or harmful activity
• Communicate with you about updates, transactions, security alerts, and promotions
• Personalize content and recommendations
• Analyze platform usage and improve functionality
• Enforce our Terms of Service and platform standards
• Comply with legal and regulatory obligations

2.1 Lawful Basis for Processing

In accordance with the Zimbabwe Cyber and Data Protection Act (CDPA), Ripple processes personal data based on one or more of the following lawful bases:

• Consent: Where you provide explicit consent, such as when submitting Host Verification Data (including sensitive personal data), enabling location services, or opting into marketing communications.
• Contractual Necessity: Where processing is necessary to provide the Services to you, including account creation, ticket purchases, event hosting, payout processing, and customer support.
• Legal Obligation: Where processing is required to comply with applicable Zimbabwean laws and regulatory requirements, including financial record-keeping, fraud prevention, and cooperation with lawful authorities.
• Legitimate Interests: Where processing is necessary for Ripple’s legitimate business interests, including platform security, fraud detection, service improvement, analytics, and enforcement of our Terms of Service, provided that such interests do not override your fundamental rights and freedoms.

3. Events, Hosts, Payments & Moderation

Users may apply to become event hosts by submitting required personal identification.

• Approved hosts may create events and sell tickets on Ripple.
• Hosts may request payouts after events are completed, subject to verification and internal review.
• Hosts may cancel events; where applicable, ticket buyers may receive refunds according to Ripple’s refund policies.
• Ripple administrators reserve the right to review, suspend, or cancel events that violate platform rules or applicable laws, are flagged as fraudulent/misleading/unsafe, or fail to meet Ripple’s quality, safety, or compliance standards.

4. How We Share Information

We do not sell your personal data. We may share information only in the following circumstances:

4.1 With Trusted Service Providers

We share limited data with vetted third-party providers that help us operate Ripple, such as:

• Payment processors and payout providers
• Identity verification services
• Cloud storage and hosting providers
• Analytics and customer support tools

These providers are contractually required to protect your data and use it only for authorized purposes.

4.2 Legal, Safety & Compliance

We may disclose information where reasonably necessary to comply with legal obligations or lawful requests, enforce our Terms of Service or platform policies, protect users/Ripple/the public from harm or fraud, or investigate suspected violations or illegal activity.

4.3 Business Transactions

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to continued protection.

5. Automated Decision-Making

We may use automated systems for fraud prevention, security, and payout verification. In compliance with the Cyber and Data Protection Act, we will not make significant decisions affecting your rights based solely on automated processing without human review. You may request human intervention and an explanation of any such decision by contacting our Data Protection Officer.

6. Your Rights & Choices

You have control over your data and may:

• Request access to your personal information
• Request corrections to inaccurate or incomplete data
• Request account deletion, subject to legal or contractual obligations
• Manage location visibility and privacy settings

Withdraw Consent: You may withdraw consent for processing Host Verification Data at any time by contacting Ripple Support at support@ripplestayconnected.com. Your request will be acknowledged, and you will receive a response within 72 hours. Withdrawing consent will affect your ability to host events on the platform.

Object to Direct Marketing: You may opt out of marketing communications at any time.

To exercise these rights, please contact Ripple Support. To protect your privacy and data, we will take reasonable steps to verify your identity before fulfilling any request.

7. Age Requirement

Ripple is intended for individuals 16 years of age or older. We do not knowingly collect data from users under 16. If such data is identified, it will be promptly removed.

8. Data Retention

We retain personal information only for as long as necessary to provide our services and fulfill legal obligations. Specific timelines include:

• Account Data: Deleted within 90 days of account closure.
• Host Verification Data: Retained for 5 years after the last host activity to comply with fraud prevention and legal requirements, after which it is securely deleted.
• Financial Records: Retained for 7 years to comply with tax and financial regulations.

9. Data Security & Protection Measures

Ripple takes data security seriously and uses industry-recognized best practices to protect your information, including:

• Secure servers and encrypted data transmission
• Restricted access to sensitive data
• Identity verification and fraud-prevention controls
• Regular monitoring, testing, and system updates
• Internal policies governing data access and handling

While we take extensive and reasonable steps to protect your data, no digital system is completely secure. Therefore, we cannot guarantee absolute security, but we commit to continually improving our safeguards.

10. Data Breach Notification

In the event of a data breach, we will notify the Postal and Telecommunications Regulatory Authority of Zimbabwe (POTRAZ) within 24 hours of becoming aware of the breach. If the breach poses a high risk to your rights and freedoms, we will inform affected users within 72 hours, providing information about the nature of the breach and the measures taken to address it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Continued use of Ripple indicates acceptance of the revised policy.

12. Contact Us

If you have questions, concerns, or data requests, please contact us: