Privacy Policy
ZimDial β Zimbabwe USSD Assistant
Effective date: April 1, 2025 | Last updated: May 22, 2026
Welcome to ZimDial (the "App"), developed by Tatenda Mutyambizi (as CainBen Labs). CainBen Labs is a brand name, not a separate legal entity. Your privacy is our priority. This Privacy Policy explains how we collect, use, store, and protect your information when you use ZimDial. We are committed to full transparency and comply with Google Play Store User Data Policy, including requirements for limited usage of permissions, data disclosure, and user control.
π Privacy-first by design: ZimDial does NOT collect your phone number, contacts list, or transaction history. All personal usage data (history, favourites, templates) stays only on your device. No account registration is required, and no personal identifiers are sent to our servers.
1. Information We Collect
We minimise data collection and never sell or share your personal information with advertisers or third parties for marketing. Below is the complete list of data we may collect:
Anonymous UUID
A random identifier generated locally on your device at first launch. Not linked to your phone number, name, or any personal information. Used to maintain app preferences across sessions without identifying you.
Dial History / Favourites / Templates / Smart Predictions data
All stored locally on your device using secure on-device storage (Preferences / localStorage). This data never leaves your device and is never accessible by us. You can clear it at any time via Settings β Clear All Data.
Anonymous Usage Analytics
We may collect fully anonymous data about how you use the app (e.g., which features are used, session length, error reports). This data is not tied to any personal identifier and is used only to improve ZimDial.
Device & OS Information
Device type, OS version, app version, and WebView version collected anonymously for support, crash analysis, and compatibility improvements.
Push Notification Token (FCM)
If you enable push notifications, a device token is sent to Firebase Cloud Messaging (FCM) to deliver reminders and announcements. This token is anonymised and not linked to your phone number or identity.
We DO NOT collect: Phone numbers, contacts, SMS messages, financial information, precise location, call logs, display names, or any sensitive user data. ZimDial never accesses your USSD transaction content or banking credentials.
2. How We Use Your Information
- Anonymous UUID: To remember your preferences (e.g., default provider, dark mode setting) without identifying you.
- Local usage data (history, favourites, insights): Powers features such as "Buddy Predictions", "Smart Suggestions", and your dial history. All processing happens on-device.
- Analytics & crash reports: Helps us fix bugs, improve performance, and prioritise features. Data is aggregated and anonymous.
- Push notifications (if enabled): Delivers helpful reminders (e.g., ZESA token reminders) and important app updates. You can disable notifications anytime in Settings or system preferences.
3. Data Storage & Retention
All your personal app data (dial history, favourites, templates, usage insights) are stored locally on your device using Androidβs secure storage (Preferences API) or localStorage. This data is never uploaded to our servers or any third party. If you uninstall ZimDial or clear app data, this information is permanently deleted and cannot be recovered by us.
Your anonymous UUID and push token (if enabled) are stored in Firebase services (Firestore / FCM) only to the extent required for delivering push messages and basic analytics. These identifiers remain anonymous and are not linked to any personal data. You can reset your UUID by clearing app data.
4. Third-Party Services & Permissions
ZimDial integrates the following third-party services, each governed by their own privacy policies. We select providers that respect user privacy:
- Google Firebase (Firestore, Remote Config, FCM, Analytics) β Firebase Privacy & Security
- Capacitor Plugins (Haptics, Clipboard, Share, Local Notifications, Contacts API) β all processing stays on-device where applicable.
Permissions explained:
- Contacts permission: Requested only when you explicitly tap "Pick from Contacts" to fill a recipient number. We only read the single number you select; no contacts are stored, uploaded, or shared. You can deny this permission without affecting core USSD dialing.
- Notification permission: Used only if you enable reminders. We never send spam; only service-related messages and optional bill reminders.
- Haptics / Vibration: Used only for optional tactile feedback (can be disabled in settings).
- INTERNET: Required for remote configuration, push notifications, and crash reporting β all anonymous.
5. Your Rights & Controls
Because ZimDial does not collect personal data like phone numbers or emails, there is no "account" to delete. However, you have full control over your local data:
- Clear all local data: Go to Settings β Clear All Data to permanently delete dial history, favourites, templates, and insights predictions. This action cannot be undone.
- Incognito mode: Enable Incognito mode in Settings to prevent saving history or favourites during sensitive sessions.
- Disable analytics: You may opt out of anonymous usage analytics by adjusting "Smart Predictions" or usage tracking toggles in Settings.
- Revoke permissions: You can revoke Contacts, Notifications, or other permissions at any time via your Android device settings.
- Data portability: Since your data stays on your device, you can export your dial report from the Reports page (copy as text).
If you have enabled push notifications and wish to delete your anonymous FCM token, email us at cainbenlabs@gmail.com with subject "Delete FCM Token β ZimDial".
6. Children's Privacy
ZimDial is not intended for children under the age of 13. We do not knowingly collect personal information from anyone under 13. If we learn that we have inadvertently collected such data, we will delete it immediately. By using ZimDial, you confirm you are at least 13 years old.
7. Data Security
We implement strong security measures to protect your information:
- All local storage is sandboxed per Android security model; other apps cannot access ZimDialβs data.
- Communications with Firebase (FCM, Remote Config) use HTTPS/TLS encryption.
- No personal data is stored in plaintext on external servers β only anonymous usage aggregates.
- We regularly review our code and dependencies to prevent vulnerabilities.
8. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or for legal/compliance reasons. We will notify you of any material changes by updating the "Last updated" date at the top of this page and, where appropriate, via an in-app notice. Continued use of ZimDial after changes constitutes your acceptance of the revised policy.
9. Contact Us
If you have any questions, concerns, or requests regarding your privacy or this Privacy Policy, please contact us:
π§ Email: cainbenlabs@gmail.com
π¬ WhatsApp: +263 773 870 255
π’ Developer: CainBen Labs, Zimbabwe
We will respond to privacy-related inquiries within 7 business days.