-
Request access to your Personal Data: This enables you to receive a
copy of the personal data we hold about you and to check that we are
lawfully processing it.
-
Request correction of the personal data that we hold about you: This
enables you to have any incorrect or incomplete information about you
corrected.
-
Request erasure of your Personal Data: This enables you to ask us to
delete or remove Personal Data where there is no legal reason for us
continuing to process it or you object to us processing it (see below).
-
Object to Processing of your Personal Data: This right exists where we
are relying on a legitimate interest as the legal basis for our
processing and there is something about your situation, which makes you
want to object to processing of your Personal Data on this ground. You
also have the right to object where we are processing your Personal Data
for direct marketing purposes.
-
Request the Restriction of Processing of your Personal Data: This
enables you to ask us to suspend the processing of Personal Data about
you, for example if you want us to establish its accuracy or the reason
for processing it.
-
Request the Transfer of your Personal Data: We will provide to you, or a
third party you have chosen, your Personal Data in a structured,
commonly used, machine-readable format. Note that this right only
applies to automated information which you initially provided consent
for us to use or where we used the information to perform a contract
with you.
-
Withdraw consent: This right only exists where we are relying on
consent to process your Personal Data. If you withdraw your consent, we
may not be able to provide you with access to the certain specific
functionalities of our platform. We will advise you if this is the case
at the time you withdraw your consent.
If you wish to exercise any of the rights above, please contact us using the details in ‘Who we are’ and ‘How to contact us’.
You
will not have to pay a fee to access your Personal Data (or to exercise
any of your rights relating to your Personal Data), however, we may
charge a reasonable fee for consent withdrawal if your request is
clearly unfounded, repetitive or excessive. If you refuse to pay the
fee, we may refuse to comply with your request.
We
may need to request specific information from you to help us confirm
your identity and ensure your right to access your Personal Data (or to
exercise any of your other rights under this Privacy Policy). This is a
security measure to ensure that Personal Data is not disclosed to any
person who has no right to receive it. We may also contact you to ask
you for further information in relation to your request to speed up our
response.
We
try to respond to all legitimate requests within one month.
Occasionally it may take us longer than a month if your request is
particularly complex or you have made a number of requests. In this
case, we will notify you and keep you updated.
4. What Personal Data We Collect
4.1 Customer Information
To
use the Services, you must provide customer information via our
registration, account upgrade or profile forms or other forms for KYC
verification.
This information includes, without limitation:
-
Full name, e-mail address and phone number, Platform PIN, address,
proof of address, real time location, occupation, whether you are male
or female, date of birth.
-
For some services we may also collect Bank Verification Number (BVN),
National Identity Number (NIN), other ID documentation information,
photographs, live videos and facial biometric data (where applicable).
Additional
information may be requested to when you opt to participate in social
media functions relating to the Service, promotions or surveys and when
you contact us to report a problem related to the Service.
If
you communicate with our Customer Services team via e-mail, Live Chat
or telephone, your conversations may be recorded and stored for
training, quality assurance and record keeping purposes. We use this
information to measure and improve our Service quality.
4.2 Device information
The following information may be collected from you automatically when you use any of our Service(s), but it is not limited to:
-
Details of your handset/device, unique device identifiers (IMEI or
serial number), information about the SIM card, mobile network,
operating system and browser settings.
We
use this information to protect our customers from service-related
crime, enhance the services we offer and to help us understand how
people use the Service.
4.3 Location Information
Certain
Service features may require location information from your device’s
Global Positioning System "GPS". With your consent this information will
be collected for these feature and services. You will be required to
grant consent. Turning off location services may render some services or
features unavailable.
4.4 Credit Information
This includes information concerning your:
credit
history, including applications for credit (or credit limit), credit
and loan agreements to which you are or have been a party, pattern of
payment or default, incidents of enforcement actions and circumstances
of termination of such credit agreements.
financial
history including your past and current income, assets and liabilities
and other matters with respect to your income and financial means;
education,
employment, career, professional or business history, including the
circumstances of termination of any employment, career, professional or
business relationship; or
identity,
including your (or your guarantor’s) name, date of birth, identity
number, marital status, past and current address, contact details and
related matters.
4.5 Analytics
We
may use in-app analytics technologies, like Google Analytics, to help
improve and simplify the overall app, design and service. These tools
track aggregated information about in app or website usage, provide
performance measurements and allow better reporting on application
failures. We record when you install or uninstall the Platform to help
us track who is using the Service.
4.6 Tracking and Cookies
A
cookie is a string of information that a website stores on a visitor's
computer, and that the visitor's browser provides to the website each
time the visitor returns.
ATFCL uses cookies to identify and track visitors, their usage of the ATFCL website (https://www.assurancetrustfinance.com/), and their website
access preferences. ATFCL visitors who do not wish to have cookies
placed on their computers should set their browsers to refuse cookies
before using the websites or decline the option of using cookies when
they visit for the first time. Our services may not function property
without the aid of cookies.
We have provided that following table to further outline the data that we collect:
Category of Personal Data collected
What this means
Identity Data: First
name, surname, maiden name, last name, username or similar identifier,
marital status, title, date of birth and gender, selfie picture, live
photographs or videos, facial ID, identification document number, copies
of ID documents, biometric data or other forms of identification.
Contact Data
Your home address, work address, billing address, email address and telephone numbers.
Online Presence Data
Links
to your public account pages at social media websites, links to
personal websites, and other online materials related to you.
Financial Data
Your bank account and payment card details, statements about your wealth and financial situation.
Transaction Data
Any
details about payments to and from you and other details of
subscriptions and services you have purchased from us. Data in respect
of your transactions with third parties (including your credit history).
Content Data
Any
content you post to the Services not already included in another
category, including without limitation, your profiles, questions,
preference settings, answers, messages, comments, and other
contributions on the Services, and metadata about them (such as when you
posted them) ("Content").
Marketing and Communications Data
Your
preferences in receiving marketing from us and our third parties and
your communication preferences. If you correspond with us by email or
messaging through the Services, we may retain the content of such
messages and our responses.
Behavioral Data
Inferred
or assumed information relating to your transaction pattern, behavior
and interests, based on your online activity. This is most often
collated and grouped into "segments".
Technical Data
Security
credentials (username and PIN/password) Internet protocol (IP) address,
your login data, browser type and version, time zone setting and
location, browser plug-in types and versions, operating system and
platform and other technology on the devices you use to access the
Platform or use our services.
Device Data
The
contact application on your device and your contacts' information such
as their name, mobile number, or email address contained therein.
Details of your handset/device, unique device identifiers (IMEI or
serial number), information about the SIM card, mobile network,
operating system and browser settings.
5.1. Transaction Information
To
process transaction on ATFCL Platforms, we need to share some of
your personal information with the person or company with whom you are
transacting. This information may include:
- Contact information (mobile number, e-mail address, personal photo)
- Payment information (card details, banking information, wallet balance)
This
Personal Data will be used to assist us in delivering the service that
you signed up for; allow us to understand how services are being used by
you; protect you and your account; improve our services and communicate
new services and offers to you.
We
will not expose your credit/debit card number or bank account number to
anyone you have paid or who has paid you through Flexi MFB Platforms,
except with your express permission or if we are required to do so to
comply with applicable laws or regulations, a subpoena, court order or
other legal action.
5.2. Identity Information
We collect and store personal information about you to comply with the relevant financial regulations.
The
Identity Data we collect is solely used for the purpose of
authenticating your identity, processing your transactions and
preventing fraud. We do not use this data for any other purpose. The
information is processed in a manner that is secure and in compliance
with applicable laws and regulations concerning Identity Data.
Apart
from the circumstance of complying with a Court Order, Arbitral Panel,
Tribunal, Regulatory Directive or Order or any other legal or regulatory
obligation, we do not disclose information about identifiable
individuals to other parties. However, we may provide them with
anonymous aggregate information, such as the number of people of a
certain age or sex who have performed certain transactions of a certain
amount within a particular timeframe.
Where
we use a 3rd party service, with your consent, we may share your
information in order to offer the service or improve the experience of
that service. When you use such a service for the first time, you will
need to review and agree to their terms and conditions, privacy policy
and other related agreements where applicable.
In
order to provide the Service to you as well as comply with applicable
laws, we may verify, compare and validate the personal information you
provide to us with the relevant government authorities.
5.3. Marketing Communication Preferences.
If
you would like us to stop sending marketing messages or modify your
email preferences at any time, please follow any of these procedures:
- Follow the opt-out messages sent in any of the emails;
- Go through the notification switch off process in the settings on your application
- Contact us at anytime using the contact details in Who We Are and How to Contact Us.
Where
you opt out of receiving these marketing messages, this will not apply
to Personal Data provided to us for processing for legitimate
service-related purposes. As required by applicable regulations, we may
need to verify the accuracy of the Identity Data and Contact Data you
provide to us, which may require physical visits to the address you
provide as your Contact Data including your work, home, billing or
contact address
We may also engage third party service providers to verify the accuracy of this Identity Data, including your Contact Data.
6. Who We Share Your Personal Data With
We
may share your personal data with third parties as described in the
table below. We consider this information to be a vital part of our
relationship with you.
Recipients
Why we share it
Our Affiliates
Our
affiliates may access your Personal Data to help us develop, maintain
and provide our Services and help manage our customer relationships
(including providing customer support, customer liaison, fund advisory
services, etc).
Service Providers
Our
service providers provide us support for our Services, including
without limitation Assurance Trust, for example, website and application
development, hosting, maintenance, backup, storage, virtual
infrastructure, payment processing, auto-deduct services, analysis,
identity verification, background and compliance reviews, fund
administration, banking services, and other services for us, which may
require them to access or use Personal Data about you. These service
providers may use, store and process your Personal Data to, and for the
period of time needed to, enable them provide us with the support
required to provide the Service to you. We ensure that these service
providers take extensive security measures with high level encryption in
order to protect your Personal Data against loss, misuse or alteration.
Third Party Providers
As part of the Services, we may provide links to other websites not
operated or controlled by ATFCL and may share your personal data to
Third Parties who provide services on the Platform. We are not
responsible for the content, accuracy or opinions expressed in such
websites, and such websites are not investigated, monitored or checked
for accuracy or completeness by us.
Please note that:
a. when you use a link to go from our Platform to another website, our
Privacy Policy is no longer in effect.
b. Your browsing and interaction on any other website, including those
that have a link on our Platform, is subject to the third party’s own
rules and policies.
c. Such third parties may use their own cookies or other methods to
collect information about you.
Professional Advisers
Our
lawyers, accountants, bankers, auditors and insurers may need to review
your personal data to provide consultancy, compliance, banking, legal,
insurance, accounting and similar services.
Legal and Taxing Authorities, Regulators and Participants in Judicial Proceedings
ATFCL may disclose your Personal Data if we believe it is reasonably
necessary to comply with a law, regulation, order, subpoena, rule of a
self-regulatory organization or audit or to protect the safety of any
person, to address fraud, security or technical issues, or to protect
our legal rights, interests and the interests of others, such as, for
example, in connection with the acquisition, merger or sale of
securities or a business (e.g., due diligence).
Credit Bureau and Central Bank of Nigeria (CBN)
We
are obligated by applicable laws and regulations to report or share
your Credit Information to credit bureaus and regulators such as the
CBN, in the event of default of a loan or in other siituations as may be
required by such applicable law.
Advertisers
Certain
users of the Services may have access to your Personal Data for the
purpose of enabling them to interact with you and more effectively offer
opportunities through the Platform that are targeted towards your
background and preferences. We may also allow third-parties, including
ad servers or ad networks, to serve advertisements on the Platform, and
such third parties may be provided with access to your Personal Data to
provide advertising tailored to your interests.
Researchers
We
may also share non personal data (such as anonymous usage data, data
referring/exit pages and URLs, platform types, number clicks, etc.) with
interested third parties to help them understand the usage patterns for
certain Services or conduct independent research based on such
anonymous usage data. This is provided to third parties under
confidentiality obligations such as, for example, academics or
contractors for research purposes.
API Users
TrueDepth
APIs: When you opt to use the face authentication feature on the
Platform, we will use Apple’s TrueDepth APIs, ARKit or similar
technology to capture a three-dimensional map of your face and analyze
your facial expressions. This facial data is processed in real time to
confirm your identity and to ensure that the selfie, picture or video
being taken is of a live user. This data remains on your device and is
processed in real time. We do not store, transmit, or share this data
unless explicitly stated and agreed upon.
OAuth: We use OAuth to allow you to log in to the Platform using your
existing accounts with third-party services. This means you can access
our Platforn without needing to create a new account. When you sign in
via OAuth, we may access certain information from your third-party
account, such as your name, email address, and profile information,
based on the permissions you grant. For more details on how third-party
services handle your data, please review their privacy policy. We only
use this data to provide you with the features and services on our
Platform and will never share it with third parties without your
consent.
Other APIs: We may use other third-party APIs necessary for us to
provide the Service to you. These APIs may collect and process certain
data from you, such as payment details or location data, to deliver the
Service and conduct AML/accreditation verification of potential
investors. We do not control these third-party APIs, and they have their
own privacy policies. By using our Platform, you agree to the
collection and use of your data by these third-party services, as
outlined in their respective privacy policies.
Third Party SDK
The
Platform connects to the software development kit (SDK) of some of our
third party service providers and in such event your Personal Data may
be collected or accessible by these servise providers. SDK used by us
includes without limitation, bugly, appsflyer and google.
We ensure that these service providers take extensive security measures
with high level encryption in order to protect your Personal Information
against loss, misuse or alteration.
Employees
In
addition, ATFCL advisers, top level employees and lead investors
may have access to your Personal Data to help them evaluate, invite and
communicate with you as a User. If you are a User, your information will
generally be available to them, and they may have access to your
Personal Data to assist them in discovering, evaluating and tracking
communications.
Business Transfer
As
we develop our business, we may buy or sell businesses or assets. In
the event of a corporate sale, merger, reorganization, dissolution or
similar event, we may also transfer your Personal Data as part of the
transferred assets without your consent or notice to you. You consent to
the successor company having access to the information maintained by ATFCL including customer Account Information, and such successor
company would continue to be bound by this Privacy Policy unless and
until it is amended.
Other Users
The
Personal Data you choose to add to your profile, such as your customer
name and account number, may be visible to other Users or any other
person for the purpose of transaction processing or Service promotions
and activities which you participate in. While you may request that your
information be shared only with a select group of people, we cannot
guarantee that it will not be accessed by others or that those with
access will handle it appropriately. If you prefer to keep your
information private, we recommend not sharing it on our Platform. Please
be aware that while some of your activities as a User may not be
directly visible to others, certain information or behaviours might
still be inferred by other Users on the Platform.
If
you request that we remove your Personal Data as described in Your
Rights Relating to Your Personal Data, we will convey that request to
any third-party with whom we have shared your data. We are not, however,
responsible for revising or removing your Personal Data obtained by any
third party who has previously been provided with your information by
us in accordance with this policy or any third party to whom you have
provided such information (whether by sharing your login and password,
or otherwise).
