1. Introduction
PayGate ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payment gateway services. Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the platform.
2. Information We Collect
Personal Information:
- Full name and business name
- Email address and phone number
- Physical business address
- Bank account details for settlements
- Government-issued ID numbers (BVN, NIN, Passport)
- Tax identification numbers
- Date of birth and nationality
Transaction Information:
- Payment amounts and currencies
- Customer payment details
- Transaction timestamps
- IP addresses and device information
- Geolocation data
Technical Information:
- Browser type and version
- Operating system
- API request logs
- Usage patterns and analytics
- Device identifiers
3. How We Use Your Information
We use your information for the following purposes:
- Service Delivery: Process payments, settle funds, and provide virtual accounts
- Compliance: Meet KYC, AML, and regulatory requirements
- Security: Detect and prevent fraud, unauthorized transactions, and security incidents
- Communication: Send transaction notifications, service updates, and support responses
- Analytics: Improve our services, develop new features, and optimize performance
- Legal Compliance: Comply with applicable laws, regulations, and legal processes
- Marketing: Send promotional materials (only with your explicit consent)
4. Legal Basis for Processing
We process your personal information based on:
- Contract Performance: To provide our payment services as agreed in our Terms of Service
- Legal Obligations: To comply with Nigerian financial regulations and anti-money laundering laws
- Legitimate Interests: To improve our services, prevent fraud, and ensure security
- Consent: For marketing communications where you have provided consent
5. Information Sharing and Disclosure
We may share your information with:
- Payment Partners: PalmPay and other financial institutions to process transactions
- Verification Services: EaseID and other KYC providers for identity verification
- Regulatory Authorities: When required by law or to comply with legal processes
- Service Providers: Third-party vendors who assist with hosting, analytics, and customer support
- Professional Advisors: Lawyers, auditors, and consultants when necessary
We do NOT sell your personal information to third parties. Any data sharing is done under strict confidentiality agreements.
6. Data Retention
We retain your information as follows:
- Account Information: For as long as your account is active plus 5 years for regulatory compliance
- Transaction Data: Minimum of 7 years as required by financial regulations
- KYC Documents: 7 years after account closure for anti-money laundering compliance
- Log Data: 2 years for security and performance analysis
- Marketing Data: Until you withdraw your consent
7. Data Security
We implement comprehensive security measures including:
- 256-bit SSL/TLS encryption for all data transmission
- AES-256 encryption for sensitive data at rest
- Regular security audits and penetration testing
- Access controls and multi-factor authentication
- PCI DSS Level 1 compliance for payment data
- 24/7 monitoring and intrusion detection systems
- Employee background checks and data protection training
- Incident response and breach notification procedures
8. Your Rights
Under Nigerian data protection laws (NDPR) and internationally recognized standards, you have the right to:
- Access: Request a copy of your personal data
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your data (subject to legal retention requirements)
- Restriction: Limit how we use your data
- Portability: Receive your data in a structured, machine-readable format
- Objection: Object to certain processing activities
- Withdraw Consent: Withdraw previously given consent at any time
To exercise these rights, contact us at privacy@paygate.ng. We will respond within 30 days.
9. Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Maintain your session and authentication
- Remember your preferences
- Analyze site usage and improve performance
- Detect fraud and security threats
- Understand user behavior and optimize our services
You can control cookies through your browser settings. Disabling cookies may affect some functionality including transaction processing.
10. International Data Transfers
Your information may be transferred to and processed in countries other than Nigeria. We ensure appropriate safeguards are in place, including standard contractual clauses and data processing agreements with all third-party processors.
11. Children's Privacy
Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from minors. If you become aware that a minor has provided us with personal information, please contact us immediately.
12. Updates to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be notified via email notification to registered merchants, dashboard announcement, or website notification banner.
The "Last Updated" date at the top of this policy indicates when changes were made. We encourage you to review this policy periodically.
13. Contact Information
For privacy-related questions or concerns, please contact our Data Protection Officer:
- Email: dpo@paygate.ng
- Privacy Queries: privacy@paygate.ng
- Phone: +234 123 456 7890
- Address: Lagos, Nigeria
- Business Hours: Monday-Friday, 9 AM - 6 PM WAT
14. Complaints and Dispute Resolution
If you believe we have violated your privacy rights, you have the right to lodge a complaint with the National Information Technology Development Agency (NITDA).
We encourage you to contact us first so we can address your concerns directly. We aim to resolve all privacy complaints within 30 business days.
15. Third-Party Links
Our platform may contain links to third-party websites or services. We are not responsible for the privacy practices or content of these third parties. We encourage you to read their privacy policies before providing any personal information.