Global
Kenya Mexico Philippines India

Tala Privacy Policy

Last updated on August 7, 2025

This Privacy Policy describes how personal data will be collected and processed on Tala’s platforms. Updates to this policy will be published on this page.

1. Who will collect and process personal data?

1.1 Tala as a Data Controller. InVenture Capital Corporation (“Tala”, “Tala Mobile”), together with its global affiliate companies, provides financial services to the global majority. Tala acts as a data controller (or “data fiduciary”) with respect to the personal data of our customers, personnel, shareholders, and directors (collectively, “data principals”). Tala may act as a joint controller with partner organizations.

1.2 Tala as a Data Processor. Tala may partner with other business entities and provide financial services to their customers. In these cases, Tala may be acting as a data processor, and will act according to the instructions of the partner data controller.

1.3 Tala Platforms. Tala offers financial services through the Tala mobile app, the Tala websites, and Unstructured Supplementary Service Data (USSD).

1.4 Tala’s Service Providers. Tala may engage third parties to process the personal data of data principals. These include:

  • Financial service companies like mobile wallets, payment and remittance platforms, and banks, which allow transfers of funds and payments
  • Messaging and chat services like SMS, online messengers, or email, which facilitate communication
  • Third party services like customer support, collections, and marketing agencies
  • Fraud prevention and identity verification platforms
  • Performance and usage monitoring platforms
  • External counsel, external auditors, and consultants, when necessary to resolve complaints or protect Tala’s interests

1.5 Tala’s Partners. Tala partners with other organisations to provide integrated or embedded credit services to individuals, either on Tala Platforms or on the partner’s platforms. Our partners may include:

  • Financial services companies and payment service providers such as mobile wallets and banks
  • E-commerce platforms that facilitate sales and purchases of goods and services
  • Other platforms that offer goods or services to customers and merchants

1.6 Other Third Parties; Protection of Tala’s Interests

  • Tala keeps personal data confidential. But in certain situations, we may need to share personal data with public or private third parties (such as law enforcement, legal counsel, auditors, and advisors) to exercise our rights or to protect other data principals.
  • Tala may be required by law to share personal data with agencies such as:
  • Credit reference bureaus
  • Local and national government agencies, including tax authorities
  • We may also transfer personal data to another company in cases such as a merger or acquisition.

2. What data does Tala collect and process?

2.1 User data. We collect and process personal data of Tala users as described in the applicable privacy policy of the Tala Platform. This may include: Identification Data; Contact Details; Transaction and Session Data; Communication and Interaction Data; Background Data; Device Data; Third Party Data. Refer to the links below for detailed information.

2.2 Personnel and internal stakeholder data. We collect and process personal data of Tala personnel, shareholders, and directors, as needed to fulfill contractual and regulatory obligations as an employer and a corporate entity. This may include: Identification Data; Contact Details; Background Reference Data; Health Information; Financial Information; Performance Data.

2.3 Service provider and vendor data. We collect and process the name and contact information (email address, mobile number, business address, designation) of representatives of our service providers and vendors to facilitate processing of agreements, purchase orders, and invoices. This may include: Identification Data; Contact Data.

2.4 Website visitor data. We collect and process page views, visitor interactions and impressions, session information, traffic data, browser data, device types, and visitor location and demographics.

3. What are Tala’s purposes for collecting and processing personal data?

3.1 There are legal obligations that apply to Tala as a financial services provider and a corporate entity.

  • Tala conducts KYC (know-your-customer) screening and transaction monitoring to comply with anti-money laundering regulations.
  • Tala submits positive and negative credit data to credit reference bureaus.
  • Tala remits taxes and mandatory contributions to tax authorities and social welfare agencies.
  • Tala complies with all other requirements and orders issued by public authorities, including policies applicable to Tala as a regulated financial services provider and as an employer.

3.2 Tala processes personal data to start, fulfill, or enforce contracts with data principals.

  • Tala communicates with data principals through email, SMS, calls, or chat or messaging service.
  • Tala maintains user accounts and processes requests such as agreements, loans, payments, cash in, cash out, transfers, and tickets.
  • Tala operates its platforms, fixes errors, installs updates, and maintains security.
  • Tala enforces company policies, including codes of conduct.

3.3 Tala may process personal data based on our legitimate interest.

  • Tala analyzes the usage of its platforms to improve services and prevent fraud.
  • Tala may send offers, updates, and promotions.

3.4 Tala may process personal data with the consent of the data principal.

  • We may publish content and materials with the image, voice, or video recording of the data principal.

3.5 Tala may conduct qualitative and quantitative research or may partner with institutions that conduct and publish academic or scientific research.

3.6 Tala may process personal data to comply with our role as a data processor, to fulfil our contractual obligations to our partners and to allow our partners to fulfil their contractual obligations to the data principal.

4. How long does Tala retain data?

Tala retains data in an identifiable form for the period necessary to accomplish the specified purpose. In many cases, Tala must comply with record retention requirements under anti-money laundering regulations. After the expiry of the retention period, Tala will dispose of or anonymize the data. You may refer to the applicable privacy notice or Tala Platform privacy policy for more information.

5. Where does Tala process data?

Except where data storage localization laws apply (such as in India), Tala may conduct data processing online in different cloud storage regions and in locations where members and personnel of the Tala entities are present (including: India, Mexico, Philippines, Singapore, South Africa, and USA). We make sure that processing is conducted, personal data will be protected with adequate safeguards, including encryption in transit and at rest.

6. How can data principals exercise rights or submit requests related to data protection?

Rights of data principals (which may include: right to be informed; right to access; right to object; right to correct/rectify; right to erasure/deletion; right to data portability; rights in relation to automated decision-making; and right to file a complaint) are described in detail in the applicable privacy policy of the Tala Platform. Requests may be sent to the Data Protection Officer email address of the applicable location. Each request is subject to review and evaluation. In some cases, we may ask for supporting documents. Tala aims to resolve requests within the time frame allowed under the regulations. In case the request is denied, we will specify the reasons for denial. Please note that withdrawing consent for processing of personal data or objecting to the automated processing of data may result in Tala’s inability to provide services.

7. How does Tala protect data principals?

Tala implements an information security management system and privacy information management system that meets global standards. This includes policies, procedures, and practices that protect personal data. We enforce strong security measures across our company and our teams. We make sure that the tools and platforms that we use are secure and respectful of privacy. Our staff is trained and required to follow privacy principles in every data processing activity.

Users of the Tala platforms (including the Tala mobile app) may refer to the following privacy policies for more information and the contact details of our Data Protection Officers (DPO):