Thank you for choosing CODO. We deeply value your privacy and are committed to protecting your personal information. This Privacy Policy explains how we collect, use, store, and safeguard your data, and how we respect your choices regarding your information. By using CODO, you agree that your personal information may be processed as described here. We strive to provide a secure, transparent, and trustworthy service built on integrity.

How We Collect Your Information

To provide you with a better experience, we may collect certain personal information when you use our app or services, always with your consent. If you choose not to share this information or later withdraw your consent, some features or services may be limited. We fully respect your choices and are committed to protecting your data, keeping it secure, and managing it responsibly.

A. Information We Require

To deliver efficient and high-quality loan services, we may request access to certain permissions or information. Your cooperation helps us serve you more effectively.

SMS Content

To assess your credit, manage risks, and prevent fraud, CODO may collect your SMS records and securely transmit and store them on our server (https://cd.codogh.com). Collected data includes sender, date, and message content. Irrelevant SMS data will be filtered out and deleted.

We do not share your SMS content with third parties and strictly comply with all applicable laws, regulations, and privacy policies to protect your data.

You may decline SMS access permissions, though this may limit certain loan services. Permissions can be enabled or disabled at any time in your settings.

Device Approximate Location

We only collect approximate location information from your device to help reduce account risks and enhance data security. All transactions are protected with 128-bit SSL encryption.

The data is securely transmitted and stored on our server: https://cd.codogh.com.

Camera

We request access to your camera so that you can capture photos of your ID and face for KYC (Know Your Customer) verification, which is required for our loan services.

We do not access any photos or videos already stored on your device.

Camera access requires your consent. Without it, you will not be able to capture or update images.

Installed Applications List

We may collect information about apps installed on your device, but only transmit and store data from specific financial apps. Collected information includes whether it is a system app, the app name, version code, first installation date, and last update date.

This data helps us analyze behavioral risks, prevent fraud, and ensure the security of accounts and funds. Information from non-financial apps is neither transmitted nor stored.

Device Information

To ensure the stability and security of our services, we collect basic device information, including device model, operating system version, advertising identifiers (GAID/IDFA), network type, language, and time zone settings.

All data is securely transmitted to our server (https://cd.codogh.com). We strictly protect your privacy and will not share your information with third parties without your explicit consent.

Emergency Contacts

We collect information for up to two emergency contacts, including their relationship to you, name, and phone number. This information is used solely to verify your identity, assess eligibility, and conduct risk and fraud prevention analyses.

You can provide this information in two ways:

Manually entering contact details

Selecting contacts from your contact list

The automatic option only collects information for the contacts you explicitly select and does not access your entire contact list, providing a quick and convenient way to upload contact information.

We never share your data with third parties without your consent. Your information is securely transmitted and stored on our servers via HTTPS.

Advertising Tracking

We use AppsFlyer to collect device identifiers and app usage data for advertising attribution, analytics, and fraud prevention. You can manage or limit ad tracking at any time in your device settings.

B. Personal Information Provided by Users

After registration, we collect, process, store, use, and, when necessary, disclose certain information you provide for purposes including, but not limited to:

Information Provided Directly by Users:

Phone number

Identity document information

Full name

Date of birth

Gender

Address

Emergency contacts

Education level

Employment information

Monthly income

Borrower's e-wallet information

Purpose / Use

Verify identity, cross-check information, and validate with third parties for accuracy.

Monitor, detect, analyze, and prevent crimes, fraud, and business risks.

Develop, improve, and maintain risk assessment processes and models.

Notify you about offers, products, services, and updates.

Handle complaints and process user requests.

Personalize your experience, enhance services, and measure interest and satisfaction.

Disclose data as required to comply with legal and regulatory obligations.

Data Retention and Deletion

CODO is committed to protecting your personal data from unauthorized access, misuse, and disclosure, implementing appropriate security measures based on the type of data and its processing.

We retain your information to ensure smooth service, provide support, manage your account, and detect, prevent, or investigate fraudulent or illegal activities. Data is kept only as long as necessary to provide our services.

Personal data may also be retained to comply with legal obligations, resolve disputes, and enforce agreements.

Users can delete their accounts via our app or website (https://cd.codogh.com). After deletion, services will no longer be accessible, and the data cannot be recovered.

Accounts cannot be deleted if an order is in progress, pending, or under disbursement; data will be retained until all obligations are fulfilled.

Users may re-register with the same mobile number 15 days after deletion. To prevent fraud, numbers requesting deletion more than three times will be blocked from registering again.

Security Measures

We are committed to protecting your personal information and maintaining its accuracy. We implement appropriate physical, administrative, and technical safeguards to prevent unauthorized access, use, or disclosure.

Information transmission is secured using SSL encryption, and we employ advanced technologies at multiple levels to ensure system security.

Our measures to protect your data include:

Encrypting data during transmission;

Providing security features such as OTP verification;

Regularly reviewing data collection, storage, and processing practices, including physical security;

Restricting access to employees, contractors, and agents on a need-to-know basis, all bound by confidentiality obligations;

Complying with all applicable laws and regulations;

Regularly reviewing this Privacy Policy for compliance;

Responding to formal complaints and cooperating with regulatory authorities to resolve data transfer issues.

Our Responsibilities Regarding Personal Data

In accordance with this Privacy Policy, CODO (the "Controller") is responsible for processing the personal data we collect from users (the "Data Subjects"). We oversee the collection, storage, use, access, transmission, disclosure, and deletion of this data, ensuring its security and privacy.

Changes to the Policy

We reserve the right to update this Privacy Policy at any time. The latest version will be published on our platform.

We recommend reviewing this policy periodically to stay informed about any changes.

By continuing to use our platform and services, you agree to the updated terms of this Privacy Policy.

Contact Information

If you have any questions, comments, or complaints regarding this Privacy Policy, please contact us via:

Effective Date: 2026-01-10