BLOOM – PRIVACY POLICY V3.0 – 27.06.2025

  1. Introduction

Firstcom Global Payments S.A., a public limited company with board of directors, with a share

capital of 100,000,000 FCFA, whose registered office is located at Cocody Riviera Golf 4, Cité

Laguna Golf, Complexe Laguna Gate, 25 BPM 1033 Abidjan 25, registered with the Trade and

Credit Registry (RCCM) of Abidjan under number CI-ABJ-03-2024-B14-00044, hereinafter

referred to as "Firstcom ", is committed to protecting the privacy of information of those who

use our Services and Applications.

Firstcom's services are developed under the "Bloom" brand , through an app and a website,

and are provided on the basis of a partnership and distribution agreement for co-branded

Mastercard cards concluded between Firstcom Global Payments SA and Guaranty Trust Bank

Côte d'Ivoire

This privacy policy describes how Firstcom collects, uses, shares and protects users' personal

data, in accordance with the legislation in force, in particular Law No. 213-450 of 19 June 2013

on the protection of personal data.

By visiting our website or using our mobile application and/or providing your personal

information, you agree that Firstcom may collect, use and disclose your personal information

as described in this Privacy Policy.

  1. Data collected

Firstcom collects information when you use our Apps. For example, we collect data when you

purchase or receive an e-gift card or we collect data when you contact our customer service.

We only collect the amount of information we need for specific, identified purposes.

• Personal Data : When you purchase or receive a gift card, you will be asked to provide

certain personal information, such as your name, email address, phone number, or similar

information. This information is collected to allow us to process your order. We may also

automatically collect personally identifiable information when you use the Apps with

Facebook or Google. Some of this information we receive is necessary to set up your

account and send your gift. You may choose not to use Facebook or Google with our Apps,

and you may also choose not to provide certain personally identifiable information, but

then you may not be able to take advantage of the services provided by our Apps.

• Location data : When entering your address in the Bloom app, you have the option to

share your GPS coordinates in order to specify your geographical location. This data is

collected with your consent, with the aim of improving the accuracy of your address, in

accordance with regulatory KYC (Know Your Customer) requirements, and to facilitate the

delivery of your physical card to the address provided.

• Sensitive data: Identification information (ID number), biometric data (fingerprints, facial

recognition). Financial information (payment card number, transaction history). We do not

store your credit card number, this information is directly transmitted to our payment

gateway provider for the purpose of processing your payment.

• Cookie Information : When you visit our Apps, we may send one or more cookies (a small

text file containing a string of alphanumeric characters) to your computer. Firstcom uses

both session cookies and persistent cookies. A persistent cookie remains after you close

your browser and can be used by your browser on subsequent visits to the Sites. These

persistent cookies can be deleted, but each web browser is a little different. Please refer

to your browser's "Help" file to find out how to properly change your cookie settings. We

do not link the information we store in cookies to any personally identifiable information

you submit on our site.

• Information Collected Automatically : When you use our Apps or open one of our emails,

we automatically record certain data using technology, including "clear GIFs" or "web

beacons," cookies (see above), IP addresses, and unique "device identifiers" (similar to IP

addresses). "Automatically collected" data includes the type of web browser, the website

that referred you to us, the web pages you viewed on our Apps, and the dates and times

you visited our Apps.

• Customer Provided Information : When Firstcom manages promotions or other services

for a customer (a company or organization to which Firstcom provides business services),

certain personal information is also shared in order to process the gift card creation and

redemption activity on that customer's behalf. The use of personal information shared

with us by our customers is also subject to the terms mentioned in this Privacy Policy.

• Gift card recipients. When you choose to use our services to send a gift card to someone,

you represent that you have their consent to provide us with their name, email address

and/or mobile phone number. We will automatically send the gift card recipient an email

or mobile SMS or WhatsApp message notifying them of the gift card received. Unless we

are authorized by your friend, we will only use your friend's name, email address and/or

mobile phone number for the purposes of sending this email and reminder emails for the

use of gift cards and keeping an activity log of your friend.

  1. Use of personal data

We use the data collected to:

• To provide the services subscribed to by the user, such as the issuance of digital gift cards

and virtual payment cards;

• Manage customer relationships, including responding to inquiries and providing technical

support;

• Comply with legal and regulatory obligations, such as KYC (Know Your Customer) and anti

money laundering and countering the financing of terrorism procedures;

• Analyze and improve the services offered by Firstcom, including by conducting market

research and statistical analysis;

• Prevent and detect fraud, using data to identify suspicious activity and take appropriate

action;

• Personalize the user experience, using data to provide offers and promotions tailored to

each user's needs and preferences;

• Communicate with users, sending them information about Firstcom's products and

services, as well as relevant newsletters and notifications;

• Troubleshoot problems, resolve disputes, enforce our agreements with you, including our

terms and conditions and this Privacy Policy;

• Respond to any official request from duly authorized public or judicial authorities.

  1. Sharing of Collected Information

Firstcom may share the information collected and personal data in specific circumstances for

the performance of services essential to the provision of our services, in accordance with the

regulations in force.

With Third Parties:

• Our affiliates, created or to be created;

• External service providers contracted with us for the development of applications and

financial technologies, the provision of technical and hosting infrastructures such as

Amazon Web Services, the execution of payment services, the verification of identity and

compliance of the customer file, communication and messaging services;

• Our banking partners;

• Financial, Judicial and Regulatory Authorities;

• Any other parties involved in the transactions such as merchants.

For operational reasons:

• To support audit, compliance, and corporate governance functions;

• To assess and manage risks;

• To prevent fraud.

  1. Transfer and Retention of Personal Data

The personal data collected is mainly processed and stored in Côte d'Ivoire. However, it may

be processed and stored by Firstcom's technical partners for the performance of their

contractual obligations, in the ECOWAS zone or outside the ECOWAS zone in countries

offering the same guarantees and protection in terms of personal data protection, in

accordance with the regulations in force.

  1. Data Security

Firstcom is committed to protecting the personal data you share with us. We use a

combination of industry-standard technologies, procedures, and organizational security

measures to help protect your personal data from unauthorized access, use, or disclosure.

• We strive to protect the security of your information during transmission by using Secure

Sockets Layer (SSL) software, which encrypts the information you enter.

• We only reveal the last four digits of your credit/debit card numbers when confirming an

order. Of course, we pass on the entire credit/debit card number to the relevant

credit/debit card company when processing the order. We do not store this information

in our Apps.

• It is important that you protect yourself from unauthorized access to your password and

computer. Make sure to log out when you're done using a shared computer.

• If you are using the Apps with Facebook, make sure you are logging out of Facebook or

through the Apps (which will also log you out of Facebook) if you are using a shared

computer.

  1. Shelf Life

Personal data is retained for ten (10) years, in accordance with applicable laws and

regulations, operational requirements, as well as the needs of preserving legal rights or

responding to requests from regulatory bodies.

  1. Rights to access your data

Users have the following rights in accordance with the law:

• Right of access and rectification of data;

• Right to erasure of data;

• Right to restriction of data processing;

• Right to object to data processing.

Because we aim to give you simple and meaningful choices about your information, most of

the choices available to you are embedded directly in the app, on our website or in your

settings. For example, you can:

• Change personal information, i.e., name and mobile phone number in your profile at any

time.

• Choose not to disclose information, even though it may be necessary to take advantage of

certain features of the Applications or register for them.

• In some cases, if you refuse to share personal information, we will not be able to provide

you with certain services. You may also choose to unsubscribe from future marketing

mailings by following the unsubscribe instructions in the emails we send you.

• You can contact us to exercise these rights by sending an email to:

compliance@bloomcard.app

  1. Firstcom Global Payments SA Employee Data

The personal data of Firstcom employees is collected and used in the context of human

resources management, in particular for recruitment, performance and remuneration

management, and compliance with legal labour obligations.

  1. Precautions for the Protection of Personal Data

Firstcom takes appropriate technical and organizational measures to protect personal data

against unauthorized access, disclosure, alteration or destruction. Firstcom employees are

required to respect the confidentiality of personal data and are trained in good data

protection practices.

  1. Legal References

This policy complies with Law No. 213-450 of 19 June 2013 on the protection of personal data,

as well as any other relevant legislation on data protection.

  1. Changes to this Privacy Policy

This Privacy and Personal Data Use Policy is effective immediately upon publication and is

subject to periodic review to ensure compliance with legislative and regulatory developments,

as well as data protection best practices. If we make any changes to this Privacy Policy or the

way we use personal information, we will notify you by posting an announcement on our

website or by sending you an email. By continuing to use our Apps, you are bound by any

changes to the Privacy Policy, each time you use our Apps after those changes are first posted.

  1. Contact us

If you have any questions or concerns about how your information is handled, please

contact us by email at: compliance@bloomcard.app

Last updated: June 27, 2025


Updated on: 27/06/2025

Was this article helpful?

Share your feedback

Cancel

Thank you!