Geto Plus Back to Home
Legal Document

Privacy Policy

Last updated: June 3, 2025  ยท  Effective: June 3, 2025

Your privacy matters. This Privacy Policy explains how Geto Plus collects, uses, and protects your personal information when you use our mobile application and website. By using Geto Plus, you agree to the practices described in this policy.

1. Introduction

Geto Plus ("we", "our", or "us") operates the Geto Plus mobile application and website (collectively the "Service"), a platform that connects guests and tenants with property owners, hotels, and landlords across Tanzania and East Africa.

This Privacy Policy applies to all users of our Service, including guests, tenants, property owners, and hotel managers. We are committed to protecting your personal data and complying with applicable data protection laws, including the Tanzania Personal Data Protection Act and relevant East African Community data regulations.

2. Information We Collect

2.1 Information You Provide

  • Account data: Name, email address, phone number, password, and profile photo when you register.
  • Identity verification: Government-issued ID or business registration documents (for property owners).
  • Property listings: Property address, photos, descriptions, pricing, and availability.
  • Booking information: Check-in/check-out dates, guest count, special requests, and payment details.
  • Communications: Messages exchanged between guests and hosts through our in-app messaging system.
  • Reviews and ratings: Feedback you submit about properties or hosts.
  • Support enquiries: Content of messages sent to our support team.

2.2 Information Collected Automatically

  • Device information: Device type, operating system, unique device identifiers, browser type.
  • Usage data: Pages viewed, features used, search queries, time spent, and actions taken within the app.
  • Location data: Approximate location (city-level) to show relevant property listings. Precise location only with your explicit permission.
  • Log data: IP address, access times, referring URLs, and crash reports.
  • Cookies and tracking: See our Cookie Policy for details.

2.3 Information from Third Parties

  • If you sign in via Google or Facebook, we receive your public profile information as permitted by those platforms.
  • Payment processors (e.g., M-Pesa, Airtel Money) may share transaction confirmation details with us.
  • Partner hotels and property management systems may share reservation data.

3. How We Use Your Data

We use your personal information for the following purposes:

  • Creating and managing your Geto Plus account.
  • Processing bookings and reservation confirmations.
  • Facilitating secure payments and issuing receipts.
  • Enabling communication between guests and property owners.
  • Displaying relevant property listings based on your search and location.
  • Sending booking confirmations, reminders, and check-in instructions.
  • Providing customer support and resolving disputes.
  • Verifying the identity of property owners to ensure listing authenticity.
  • Improving the Service through analytics and user feedback.
  • Sending promotional offers and updates (you may opt out at any time).
  • Detecting and preventing fraud, abuse, and security threats.
  • Complying with legal obligations and responding to lawful requests.

4. Sharing Your Data

We do not sell your personal information. We share your data only in the following circumstances:

  • Between guests and hosts: When a booking is made, limited contact information (name, phone number) is shared between the guest and property owner to facilitate the stay.
  • Payment processors: Secure payment information is shared with licensed payment providers (M-Pesa, Airtel Money, card processors) to complete transactions.
  • Service providers: We use trusted third-party vendors for cloud hosting (AWS/Firebase), email delivery, analytics, and app crash reporting โ€” all bound by confidentiality agreements.
  • Legal requirements: We may disclose data if required by law, court order, or government authority in Tanzania or applicable jurisdictions.
  • Business transfers: In the event of a merger or acquisition, your data may be transferred to the new entity, which will be bound by this Privacy Policy.
  • Safety: We may share information where necessary to protect the safety of users or the public.

5. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account data is retained until you delete your account.
  • Booking records are retained for 7 years for tax, legal, and dispute resolution purposes.
  • Messages between users are retained for 2 years after the related booking concludes.
  • Log and analytics data is anonymised after 12 months.
  • Upon account deletion, we remove personal data within 30 days, except where retention is required by law.

6. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your data ("right to be forgotten"), subject to legal retention requirements.
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to the processing of your data for marketing purposes.
  • Restriction: Request that we restrict processing of your data in certain circumstances.
  • Withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior lawful processing.

To exercise any of these rights, contact us at privacy@geto.plus. We will respond within 30 days.

7. Data Security

We implement industry-standard security measures to protect your personal information, including:

  • TLS/HTTPS encryption for all data transmitted between your device and our servers.
  • AES-256 encryption for sensitive data stored at rest.
  • Multi-factor authentication options for user accounts.
  • Regular security audits and penetration testing.
  • Strict access controls โ€” only authorised personnel can access personal data.
  • Incident response procedures to address data breaches within 72 hours.

Despite these measures, no system is 100% secure. We encourage you to use a strong, unique password and enable two-factor authentication on your account.

8. Children's Privacy

The Geto Plus Service is not intended for children under the age of 18. We do not knowingly collect personal data from minors. If you believe a child has provided us with personal information, please contact us at privacy@geto.plus and we will delete it promptly.

9. International Data Transfers

Geto Plus primarily operates in Tanzania and East Africa. However, some of our service providers (cloud hosting, analytics) may process data outside of this region, including in the European Union and the United States. When this occurs, we ensure appropriate safeguards are in place, such as standard contractual clauses or adequacy decisions.

10. Cookies and Tracking

We use cookies and similar tracking technologies to improve your experience on our website and app. For detailed information, please see our Cookie Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make significant changes, we will:

  • Update the "Last updated" date at the top of this page.
  • Send an in-app notification or email to registered users.
  • For material changes, request fresh consent where required by law.

Your continued use of the Service after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Officer: privacy@geto.plus
General Support: support@geto.plus
Company: Geto Plus Ltd, Dodoma, Tanzania