Privacy Policy

Last updated: April 18, 2026

1. Information We Collect

We collect information that you provide directly to us, information we collect automatically when you use the Service, and information from third-party sources.

Personal Information You Provide

When you create an account or use our Service as a guest, we may collect:

  • Identity information: Full name, gender
  • Contact information: Email address, phone number
  • Account credentials: Password (stored in encrypted, hashed form — we never store plaintext passwords)
  • Profile information: Any additional details you choose to add to your profile
  • Booking information: Search queries, property selections, reservation details, check-in and check-out dates
  • Payment information: Transaction references and status (we do not store full card numbers or mobile money PINs)
  • Communications: Messages, reviews, and feedback you submit on the platform

Information Collected Automatically

When you use the App, we automatically collect:

  • Device information: Device type, operating system version, unique device identifiers, mobile network information
  • Usage data: Pages viewed, features used, search queries, booking flow interactions, time spent on screens
  • Log data: IP address, access times, app crashes, and diagnostic data
  • Location data: General location inferred from IP address; precise GPS location only if you explicitly grant permission

Information from Third Parties

We may receive limited information from authentication and payment partners to verify transactions and prevent fraud.

2. How We Collect Information

We collect information through:

  • Direct input: Forms, registration screens, booking flows, and review submissions within the App
  • Automated technologies: Session tokens, analytics SDKs, and crash-reporting tools
  • Payment providers: Transaction status callbacks from our payment partners (Payunit, MTN MoMo, Orange Money)

3. How We Use Your Information

We use the information we collect for the following purposes:

To Provide and Operate the Service

  • Create and manage your account
  • Authenticate your identity using secure bearer tokens
  • Process search queries and display relevant guest house listings
  • Facilitate reservations and booking confirmations
  • Send booking confirmations, updates, and receipts

To Process Payments

  • Initiate and confirm payment transactions via MTN Mobile Money and Orange Money through Payunit
  • Detect and prevent fraudulent transactions

To Improve the Service

  • Analyze usage patterns to improve features and user experience
  • Diagnose technical issues and fix bugs
  • Conduct internal research and analytics

To Communicate with You

  • Send transactional notifications (booking confirmed, payment received, etc.)
  • Respond to your inquiries and support requests
  • Send important updates about the Service or this Privacy Policy

To Enable Community Features

  • Display your reviews and ratings to other users (your name may be visible on reviews you submit)
  • Allow hosts to respond to guest feedback

To Comply with Legal Obligations

  • Maintain records required by applicable law
  • Respond to lawful requests from public authorities

4. Payment Processing

All payments on Avani are processed through Payunit, a licensed payment aggregator that supports MTN Mobile Money (MoMo) and Orange Money.

  • We do not collect, store, or process your mobile money PIN, full card numbers, or sensitive payment credentials.
  • Payment transactions are handled entirely by Payunit and the respective mobile money operators in accordance with their own privacy and security policies.
  • We store only the transaction reference, status, and amount necessary to confirm your booking and provide customer support.
  • By making a payment, you also agree to the terms and privacy policies of Payunit, MTN MoMo, and Orange Money as applicable.

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following limited circumstances:

With Hosts

When you make a booking, we share your name, contact information, and booking details with the host of the property you have booked. This is necessary to fulfill your reservation.

With Service Providers

We engage trusted third-party vendors who assist us in operating the Service, including cloud infrastructure and hosting providers, analytics and crash-reporting services, payment processing (Payunit), and customer support tools. These vendors are contractually bound to use your information only to perform services on our behalf.

For Legal Compliance and Safety

We may disclose your information if required to do so by law, court order, or governmental authority, or if we believe in good faith that such disclosure is necessary to comply with a legal obligation, protect our rights or property, prevent fraud or illegal activity, or protect the safety of our users or the public.

Business Transfers

In the event of a merger, acquisition, or sale of all or substantially all of our assets, your information may be transferred as part of that transaction. We will notify you via prominent notice in the App or by email.

6. Data Retention

We retain your personal information for as long as your account is active or as necessary to provide you with the Service. Specifically:

  • Account data is retained for the duration of your account and for up to 3 years after account deletion to comply with legal and financial obligations.
  • Booking and payment records are retained for a minimum of 5 years in accordance with applicable financial regulations.
  • Reviews and public feedback may remain visible after account deletion unless you specifically request removal.
  • Log and analytics data is retained for up to 12 months in identifiable form and may be retained longer in aggregated, anonymized form.

You may request deletion of your account and associated data at any time (see Section 8).

7. Data Security

We take the security of your personal information seriously and implement appropriate technical and organizational measures, including:

  • Password hashing: All passwords are hashed using industry-standard algorithms (e.g., bcrypt). We never store plaintext passwords.
  • Bearer token authentication: API requests are authenticated using short-lived bearer tokens to ensure only authorized users can access account data.
  • Encryption in transit: All data transmitted between your device and our servers is encrypted using TLS (HTTPS).
  • Encryption at rest: Sensitive data stored in our databases is encrypted at rest.
  • Access controls: Access to personal data is restricted to authorized personnel on a need-to-know basis.

Despite our efforts, no security system is impenetrable. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities as required by applicable law.

8. Your Privacy Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Right to Access: Request a copy of the personal information we hold about you.
  • Right to Rectification: Request correction of inaccurate or incomplete information.
  • Right to Erasure: Request deletion of your personal data, subject to legal retention requirements.
  • Right to Restriction: Request that we restrict the processing of your data in certain circumstances.
  • Right to Data Portability: Request your data in a structured, machine-readable format.
  • Right to Object: Object to the processing of your data for certain purposes, including direct marketing.
  • Right to Withdraw Consent: Where processing is based on consent, withdraw that consent at any time.

To exercise any of these rights, contact us at privacy@avaniapp.com. We will respond within 30 days. We may need to verify your identity before processing your request.

You may delete your account directly from the App settings. Upon deletion, we will begin the process of removing or anonymizing your data, subject to the retention periods described in Section 6.

9. Children's Privacy

The Avani Service is intended for users who are 18 years of age or older. We do not knowingly collect personal information from children under the age of 13 (or the applicable minimum age in your jurisdiction).

If we learn that we have collected personal information from a child without verifiable parental consent, we will take steps to delete that information promptly. If you believe we may have inadvertently collected information from a minor, please contact us at privacy@avaniapp.com.

10. Third-Party Services

The App may contain links to or integrate with third-party services. This Privacy Policy applies solely to information collected by Avani. We encourage you to review the privacy policies of any third-party services you interact with, including Payunit, MTN Mobile Money, Orange Money, and the Apple App Store and Google Play Store.

11. International Data Transfers

Avani primarily serves users in Cameroon and Rwanda. If your information is transferred to or accessed from outside your country of residence, we ensure that appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection law.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page and notify you via in-app notification or email at least 14 days before the changes take effect. Your continued use of the Service after the effective date constitutes acceptance of the updated terms.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Avani

Email: privacy@avaniapp.com

Website: https://avaniapp.com

This Privacy Policy is provided in English. In the event of any conflict between translated versions and the English version, the English version shall prevail.