Privacy Policy
BACKGROUND
This privacy policy (“Policy”) applies to the website(s) and mobile application(s) (hereinafter referred to as, the “Sites”) provided by VFD Microfinance Bank Limited (“Bank”, “we”, “us”, “our” or “The company”), and other products/services of VFD MFB (Vbank). This Policy discloses our data protection practices on our Sites and products (“Services”), inclusive of the type of personal data that we collect, our method of collection of personal data, use of personal data and procedures for sharing personal data with third parties.
VFD MFB takes its responsibilities regarding the management of the requirements of the Data Protection Laws very seriously. This Policy sets out how VFD MFB manages these responsibilities. This Policy applies to all Personal Data that VFD MFB processes regardless of the location where that Personal Data is stored (e.g. on a user’s own device) and regardless of the Data Subject.
VFD MFB obtains, uses, stores and otherwise processes Personal Data relating to you referred to in this Policy as Data Subjects). When Processing Personal Data, VFD MFB is obliged to fulfil individuals’ reasonable expectations of privacy by complying with the Data Protection Laws.
CONSENT
By using our sites and services and providing your personal data, you agree to the collection and use of your information as outlined in this policy. This includes your consent to share your personal data according to the terms specified here. If we make any changes to this policy, we will update this page to keep you informed about what information we collect, how we use it, and under what circumstances we disclose it. If you do not agree with these terms, please refrain from using or accessing our sites and services.
DATA COLLECTION AND PROCESSING
This Policy applies to all Personal Data that VFD MFB processes regardless of the location where that Personal Data is stored (e.g. on a user’s own device) and regardless of the Data Subject. When VFD MFB processes Personal Data, we are guided by the following principles, which are set out in the Data Protection Laws. VFD MFB is responsible for and demonstrates compliance with the data protection principles listed below: When VFD MFB processes Personal Data, we are guided by the following principles, which are set out in the Data Protection Laws. VFD MFB is responsible for, and demonstrates compliance with the data protection principles listed below:
Those principles require Personal Data to be:
- processed lawfully, fairly, in a transparent manner.
- collected only for specified, explicit and legitimate purposes and not further processed in a manner incompatible with those
- adequate, relevant and limited to what is necessary in relation to the purposes for which it is
- accurate, complete and where necessary, kept up to
- kept only for the period which it is reasonably required.
- processed in a manner that ensures appropriate security of personal data, including protection against unauthorised or unlawful processing.
We are committed to protecting the privacy and security of our customers’ personal information. VFD MFB collects various types of information to provide and improve our services, including:
- Personal Identification Information: Name, address, date of birth, Bank Verification Number (BVN), National Identification Number (NIN) and other identification details.
- Contact Information: Email address, phone number, and residential address
- Financial Information: Bank account details, transaction history, credit/debit card information, and income details.
- Usage Data: Information about how you use our services, including transaction details, account activity, and preferences.
- Technical Data: IP address, browser type, device information, and other technical details collected through cookies and similar technologies.
VFD MFB collects information physically (documents) or through electronic communications which include but are not limited to electronic mail (email), telephone, mobile text messages (SMS), or any other internet device(s) and social media platform (e.g. Twitter, Facebook, LinkedIn, WhatsApp, Instagram etc).The information we collect may include: name, data of birth, telephone number, email address, nationality, tax identity number, bank details, bank verification number, an identity number, location, photograph, IP address, MAC address, IMEI number, IMSI number and any other information VFD MFB may require. When users send email or other communications to VFD MFB, we may retain those communications in order to process inquiries, respond to their requests and improve our services. When clients access VFD MFB’s services, our servers automatically record information that the customer’s/client’s browser sends whenever they visit our website in accordance to our cookie policy. In furtherance of our Know Your Customer (KYC) Policy, We may request more information from third parties to verify the authenticity and validity of the identification document that you have provided, either directly from the issuing authorities or through authorized service providers.
How We Use Your Information
The purpose of collecting your personal data is to give you an efficient, enjoyable, secure and seamless customer experience.
We may use your personal data for the following purposes:
- Identity Verification: Verify your identity when accessing account information.
- Account Administration: Manage your accounts or other products and services provided by us or our partners/affiliates.
- Transaction Management: Process transactions and manage your accounts.
- Personalization: Customize your experience and offer personalized services and products.
- Eligibility Assessment: Assess your eligibility for our products and services.
- Interactive Features: Enable participation in interactive features of our services.
- Communication: Keep you informed about your account and services.
- Customer Support: Respond to your inquiries and communicate with you.
- Financial Understanding: Understand your financial needs.
- Risk Management: Prevent crime, fraud, money laundering, or terrorism financing activities and manage our risks.
- Credit Review: Review credit or loan eligibility.
- Marketing: Promote the products and services of VFD MFB, related entities, and affiliates. You can change your preferences for receiving marketing messages or opt out at any time.
- Product Design: design products, and profile customers.
- Service Updates: Inform you about changes to our services.
- Internal Operations: Provide customer care and support for internal operations, including troubleshooting, data analysis, testing, security, fraud detection, and account management.
- Research and Analysis: Process your information for audit, statistical, or research purposes to understand customer behaviour trends, better manage risks, and tailor products and services to customer needs.
- Conversation Monitoring: Monitor our conversations with you when we speak on the telephone for various purposes, including verification, fraud analysis, and prevention.
- Debt Recovery: Recover any debts you may owe the bank.
- Usage Monitoring: Monitor the usage of our services.
- Technical Issue Management: Detect, prevent, and address technical issues.
- Security Enhancement: Prevent fraud and enhance the security of your account or our service platform.
- Tailored Content: Provide you with tailored content and marketing messages, such as recommending other products or services we believe you may be interested in.
- Legal and Regulatory Compliance: adhere applicable legal and regulatory requirements, industry standards, contractual obligations, and our policies
- Fraud Prevention: Prevent fraud and improve security.
YOUR RIGHTS AS A DATA SUBJECT
Your personal data is protected by legal rights enshrined in Data Protection Laws. These rights include the following:
- The right to correction of Personal Data or, if correction is not feasible or suitable, deletion of the data subject’s Personal Data that is inaccurate, out of date, incomplete, or misleading.
- The right to withdraw consent to further Processing of Personal Data.
- The right to request data portability to another entity or person.
- The right to request for access to the Personal Data in VFD MFB’s possession.
- The right to restrict or object to Processing in specific circumstances g. where there is a valid complaint about accuracy.
- The right to prevent Processing that is likely to cause damage or distress to the Data Subject or anyone else.
- The right to be notified of a Personal Data Breach which is likely to result in high risk to their rights and freedoms.
- The right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).
- The right not to be subject to decisions based solely on automated Processing, including Profiling, except where necessary for entering into or performing, a contract, with VFD
For more information or to exercise your data protection rights please, please contact our Data Protection Officer at dpo@vfd-mfb.com or call 02012271396.
We will endeavour to process all subject access requests within thirty (30) days and if any further extension is required, we will communicate same through existing consented channels – at no cost. However, please note that you may continue to receive existing communications for a transitional period whilst we update your preferences.
DATA TRANSFER AND SHARING
We may transfer your personal data to third parties, including service providers and partners, for the purposes of providing our services, complying with legal obligations, or as otherwise permitted by law. All transfers of personal data will be conducted in accordance with the Nigeria Data Protection Act (NDPA) 2023 and other relevant regulations.
DATA RETENTION
We will retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, or reporting requirements. The specific retention period will depend on the nature of the data and the purposes for which it is processed. In compliance with the Nigeria Data Protection Act (NDPA) 2023, we will retain your personal data for the duration required by applicable laws and regulations. This may include retention periods mandated by financial regulations, tax laws, and other legal obligations. We will ensure that the personal data we retain is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed. We will regularly review our data retention practices to ensure compliance with this principle. Once the retention period has expired, or the data is no longer needed for the purposes for which it was collected, we will securely delete or anonymize your personal data. This process will be conducted in accordance with industry best practices to ensure that your data is irretrievably erased. You have the right to request the deletion of your personal data at any time, subject to certain legal and regulatory obligations. If you wish to exercise this right, please contact us using the details provided in this policy. In certain circumstances, we may retain your personal data for longer periods if it is necessary for the establishment, exercise, or defence of legal claims, or if we are required to do so by law.
DATA SECURITY
VFD MFB implements and sustains appropriate measures to protect Personal Data. We consider in particular, the risks to Data Subjects presented by unauthorized or unlawful Processing or accidental loss, destruction of, or damage to their Personal Data. Safeguarding will include the use of encryption and Pseudonymization where appropriate. It also includes protecting the confidentiality (i.e. only those who need to know and are authorized to use Personal Data shall have access to it), integrity and availability of the Personal Data.
We will regularly assess and test the effectiveness of our measures to ensure the security of our processing of personal data.
We manage personal data in a manner that prevents accidental loss, disclosure, or other unintended or unlawful processing, while maintaining its confidentiality. Special care is taken to protect sensitive personal data from loss and unauthorized access, use, or disclosure.
We follow procedures and use technologies to secure all personal data from the point of collection to its destruction.
We adhere to all applicable aspects of this policy and do not attempt to bypass the administrative, physical, and technical safeguards we implement and maintain in accordance with data protection laws to protect personal data.
DISCLAIMER
We are committed to keeping your information secure by implementing appropriate technical and organizational measures to prevent unauthorized or unlawful processing, as well as accidental loss, destruction, or damage. While we strive to protect your personal data, we cannot guarantee its security when transmitted to other websites via the internet or similar connections. If you have been provided with (or have chosen) a password to access certain areas of our Sites, please keep this password safe. We will not share your password with anyone. As a user of our Services, you acknowledge and agree that you are responsible for safeguarding your account. You must not disclose your password to anyone or allow anyone to use your account.
REVIEW OF POLICY
This privacy policy is periodically reviewed, especially when there are significant changes in business or regulatory requirements. The updated Privacy Policy will take effect from the published date of the update. At a minimum, we will review this policy annually and communicate any updates through our channels, such as our website and social media accounts. If the revised version includes substantial changes, we will notify you via email or other channels.