EN
English French

Privacy Policy

YusMe Privacy Policy

Last Updated: March 2026

YusMe LMT ("we," "our," or "us") is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines our practices regarding the collection, processing, and protection of data belonging to individuals established, residing, or in transit within the Republic of Cameroon, in strict adherence to Law No. 2024/017 of December 23, 2024, on Personal Data Protection in Cameroon (PDPC).

1. Data Controller Identity and Data Protection Officer (DPO)

YusMe LMT acts as the primary Data Controller determining the means and purposes of processing your personal data on the Platform. To ensure rigorous compliance, we have appointed a certified Data Protection Officer (DPO).

  • Contacting the DPO: For all inquiries related to your privacy rights, data mapping, or to file a complaint, please contact our DPO via email at support@yusme.me or through our dedicated privacy ticketing portal.

2. Categories of Personal Data Collected

To operate the autonomous marketplace and comply with financial regulations, we collect the following categories of data :

  • Identification Data: Full legal name, date of birth, biometric data (facial verification photos), and government-issued ID numbers (mandatory for Service Provider KYC).

  • Contact and Geolocation Data: Email addresses, phone numbers, billing addresses, and real-time GPS coordinates required for matching Customers with local Service Providers and enabling delivery logistics.

  • Financial and Transactional Data: Wallet balances, deposit/withdrawal histories, escrow logs, and masked payment card or mobile money identifiers necessary to process transactions and satisfy CEMAC AML/CFT auditing requirements.

  • Digital Identifiers: IP addresses, device IDs, browsing history, and in-app messaging logs utilized for dispute resolution and fraud prevention.

3. Lawful Basis for Processing

We process your data strictly on the following lawful bases :

  • Contractual Necessity: Collecting financial, contact, and identification data is imperative to execute the marketplace agreements, manage escrow holdings, and facilitate the booking of services and products.

  • Legal Obligation: KYC verification, transaction logging, and the retention of financial records are mandated by BEAC/CEMAC directives and national tax codes.

  • Consent: Processing data for the purposes of behavioral profiling, targeted advertising, or sharing with non-essential third-party marketing partners requires your freely given, specific, and unambiguous consent. Consent is obtained via affirmative opt-in mechanisms and can be withdrawn at any time through your profile settings.

4. Data Sharing and Service Providers as Sub-Processors

Because YusMe is a two-sided marketplace, we must share limited elements of Customer data (e.g., first name, location, service requirements) with Service Providers to facilitate

bookings.

Service Providers as Sub-Processors: When receiving Customer data, Service Providers act as independent sub-processors. Providers are legally bound by our Terms and Conditions to utilize this data solely for the execution of the booked service or product delivery. Service Providers are strictly prohibited from retaining this data post-service, extracting it for external databases, or utilizing it for unsolicited marketing. Violations will result in account termination and reporting to the Data Protection Authority.

Cross-Border Data Transfers: While YusMe primarily operates within Cameroon, our cloud hosting infrastructure may involve servers located internationally. Any cross-border transfer of personal data is executed under the prior authorization of the Data Protection Authority and protected by robust contractual safeguards, encryption, and compliance protocols.

5. Integrity, Confidentiality, and Retention

We implement advanced technical and organizational measures, including end-to-end encryption for in-app messaging and rigorous access controls, to protect your data against unauthorized access, alteration, or loss.

Financial data and transaction logs are retained for the minimum period required to satisfy CEMAC anti-money laundering auditing laws (typically five to ten years), after which the data is securely erased or irrevocably anonymized. General account data is retained for the lifespan of the active account.

6. Your Rights as a Data Subject

Under the 2024 PDPC, individuals residing in Cameroon possess comprehensive rights regarding their personal data. We guarantee the conditions necessary for you to exercise these rights :

  • Right of Access: You may request a complete copy of the personal data we hold about you.

  • Right to Rectification: You may correct inaccurate or incomplete information through your Account Profile or by contacting support.

  • Right to Erasure: You may request the deletion of your account and associated personal data, subject to our overriding legal obligations to retain financial records for AML/CFT compliance.

  • Right to Restrict Processing & Portability: You may object to specific processing activities (e.g., targeted advertising) or request that your data be transferred to another controller in a structured, machine-readable format.

To exercise these rights, please contact our DPO. We systematically process and respond to all requests within the statutorily mandated timeframes.