VBank – Privacy Policy

DEFINITIONS

V by VFD mobile banking application (V) is a product of VFD Microfinance BankLimited (VBank).

At VFD Microfinance Bank Limited (“we”, “us”, “our” “VBank”, “Company”), we recognize your privacy is important. This Policy explains our privacy practices on ourwebsite [•https://vbank.ng/] (the “Site”) and the V(collectively “the Platforms”). This Policy also explains what information we collect about our customers and how we use this information. This Privacy Policy is designed to be read in connection with the Platforms’Terms of Use. By accessing or using our Platforms, you hereby agree with the method of collection, use, disclosure and processing of your Personal Information as described in this Privacy Policy and the Terms of Use.

  • For the purposes of clarity, “we,” “us,” “our,” the “Company” and VBank” refers to VFD Microfinance Bank The “Services” refer to the use of any of the financial services or products on any of the Platforms. “User,” “customer,” or “subscriber,” refers to consumers of the Services. “Personal Information,” or “Personal Data,” means any information that identifies or can be used to identify a User, directly or indirectly, including, but not limited to name, email address, mobile number, photograph, bank details or IP address.

 

CONSENT FOR COLLECTION, USE AND DISCLOSURE

    1. Your use of the Platforms and/or registration for the Services constitutes your consent to the terms of this Privacy Policy. If you do not agree, you can withdraw your consent at any time but please note that the Company will not be able to provide you with its services.
    2. The Company reserves the right to amend this Privacy Policy at any time. When it does, the Company will also revise the “last updated” date at the top of this Privacy Policy.
    3. the Company will notify you by email regarding material changes to this Privacy Policy that will affect information collected from you in the future. However, the Company will not notify you in certain circumstances, such as in connection with investigation of a breach of an agreement, contravention of laws, an emergency where the life, health or security of an individual is threatened, the collection of a debt or in compliance with the request of a law enforcement agency or a court order. However, the Company may notify Users of such circumstances upon request by the User in permissible circumstances.
    4. You may withdraw your consent for collection, use and disclosure at any time by sending an email using the Company’s contact details on the ‘Contact Us’ page on the Site. Please note that, if you withdraw your consent for collection, the Company may suspend its provision of Services to you.
    5. By continuing to access and use the Services, you are deemed to have accepted the changes to the provisions of this Privacy Policy.
    6. If you provide Personal Information of any third party tothe Company, we assume that you have obtained the required consent from the relevant third party to share and transfer his/her Personal Information to us.

 

Collection of Personal Information.

All information supplied by Users of the Services as defined under the Terms of Use is covered by the provisions of Constitution of the Federal Republic of Nigeria 1999 (as amended), Nigerian Data Protection Regulation 2019 (NDPR) and other extant laws and regulations regulating the use and management of personal data.

    1. Voluntarily Submitted Data: When you sign up for the Company’s Services, pay for a subscription, consult with our customer service team, send us an email, post on our blog or communicate with us in any way, you are voluntarily giving us information that we process, including, but not limited to; name, username, email address, mobile number, IP address, credit card information, bank information, and purchase history. By submitting this information, you consent to its’ collection, usage, disclosure, and storage by us, as described in our Terms of Use and in this Privacy Policy.
    2. Automatically Collected Data: When you use the Services or browse any of our Platforms, we may collect information about your visit, your usage of the Services, and/or your web browsing; which may include your IP address, operating system, device type, operating system, browser ID, browsing activity, and other information about how you interacted with our Websites or Mobile Applications. We may collect this information as a part of log files orthrough the use of cookies or other tracking technologies. Our use of cookies is discussed more in our Cookie Policy accessible athttps://vbank.ng/mobile-app-privacy-policy
    3. Service Usage Data: We may receive information about how and when you use the Services, store it in log files or other types of files associated with your account, and link it to other information we collect about you. This information may include, for example, your IP address, time, date, browser used, and actions you have taken within the Website or Mobile Applications. This type of information helps us to improve our Services for both you and for all of our users.
    4. Cookie Data: The Site uses cookies. Cookies are text files containing small amounts of information which are downloaded to your device when you visit a website. Cookies are useful because they allow a website to recognize a User’s device. And, to do a lot of other tasks, you may see examples below. You can find more information about cookies at: allaboutcookies.org and youronlinechoices.eu. We use strictly necessary cookies, analytical/performance, functionality and targeting/advertising cookies on the Platforms. These cookies may allow:
    1. Strictly necessary – us remember of any of the features and services you use such as savings, fixed deposit, bill payment, tap and pay amongst others.
    2. Functionality – us to remember choices you make to improve your experience (such as your username, age classification etc.);
    3. Advertising or targeting – third party advertising companies to display advertisement more relevant to you and your interests. As part of their services, they will place a separate cookie on your computer to help them precisely target advertising to you. These third-party advertising companies do not collect personally identifiable information and;
    4. Analytical or Performance – us or/and third-party partners collect anonymous information including but not limited to performance and website improvement. This may include web analytics, error management and testing designs.

 

You can find out more about cookies at this site: allaboutcookies.org/manage-cookies.

Mobile Application Data: When you use our Mobile Applications, we may collect certain information in addition to information described elsewhere in this Policy. For example, the type of device and operating system you use. We may ask you if you want to receive push notifications. If you have opted in to these notifications and no longer wish to receive them, you may turn them off through your device’s operating system. We may use mobile analytics software to better understand how people use our application. We may collect information about how often you use the application and other performance data.

PURPOSES FOR COLLECTING PERSONAL INFORMATION

We collect Personal Information for the following reasons:

    1. For Promotional Purposes: This includes sending you emails relating to the merits of a product, service, brand or issue. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email we send, or by adjusting your Marketing Preferences in your profile. This data is processed in accordance with consent under the NDPR and extant data protection laws.
    2. For Billing Purposes: This includes sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We use third parties for secure credit card transaction processing, and we send billing information to those third parties to process your orders and credit card payments. This data is processed in accordance with consent and third party data processing contract requirements under the NDPR and extant data protection laws.
    3. To Provide and Improve Our Services. This includes, for example, aggregating information from your use of the Services or visit to our Platforms and sharing this information with third parties to improve our Services. This might also include sharing your information with third parties in order to provide and support our Services. When we do have to share Personal Information with third parties, we take steps to protect your information by requiring these third parties to enter into a contract with us that requires them to use the Personal Information we transfer to them in a manner that is consistent with this policy. This data is processed in accordance with consent and third party data processing contract requirements under the NDPR and extant data protection laws.
    4. For Account and Support Communication: For example, we may inform you of subscription payment successes or failures, password reset attempts, and other support-related functions. This data is processed in accordance with consent under the NDPR and extant data protection laws.
    5. For Platform Alerts: For example, we may inform you of temporary or permanent changes to our Services, such as pricing changes, planned outages, new features, version updates, releases, abuse warnings, and changes to our Privacy Policy. This data is processed in accordance with the contract requirements under the NDPR and extant data protectionlaws.
    6. For Legal Purposes: For example, complying with court orders, valid discovery requests, valid subpoenas, to prosecute and defend a court, arbitration, or similar legal proceeding. To respond to lawful requests by public authorities, including to meet national security or law enforcement requirements. To provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements. This data is processed in accordance with legal obligation under the NDPR and extant data protection laws.
    7. For Transfer Purposes: In the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition. In that event, any acquirer will be subject to our obligations under this Privacy Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website. This data is processed in accordance with legal obligation under the NDPR and extant data protectionlaws.

LIMITING THE COLLECTION OF PERSONAL INFORMATION

The Company may limit its collection of Personal Information only to the extent that the information is unnecessary for the identified purposes. The Company does not direct the Platforms to, nor does it knowingly collect any Personal Information from persons under the age of eighteen (18 years). Consequently, the Company shall not be liable for any use or processing of Personal Information of persons under the age of 18.

DISCLOSURE  OF PERSONAL INFORMATION

The Company will not disclose any of your Personal Information to anyone else, except:

    1. to its employees, independent contractors, subsidiaries, affiliates, consultants, business associates, service providers, suppliers and agents, acting on its behalf for any of the identified purposes;
    2.  if it has reason to believe that disclosure is necessary to identify, contact or bring legal action against someone who may be causing injury to or interference (either intentionally or unintentionally) with the Company’s rights or property, other users of the Platforms, the Services, or anyone else that could be harmed by such activities;
    3. in the event of business transfers which may occur when we sell or buy businesses or assets. In the event of a corporate sale, merger, reorganization, dissolution or similar event, personal data may be part of the transferred assets; and
    4. to respond to judicial process and provide information to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law, or otherwise as required by law.

 

DATA RETENTION

We may retain Personal Information about the User, as long as it is necessary for business and/or legal purposes. Also, we may retain aggregated anonymous information indefinitely. In addition, we may retain your information for an additional period as is permitted or required to, among other things, comply with our legal obligations, resolve disputes, and enforce agreements.

 

If your account becomes inactive (that is, if you request to be removed from the Company’s database), the Company will keep your Personal Information in its archives for the duration required by law. Your information will be used only as necessary for tax reasons or to prove the Company’s compliance with any applicable law.

 

DATA TRANSFER

For the purpose of providing the Services, the Company (through the Platforms) processes information about our Userson servers located in a number of countries.

The Company may also subcontract processing or sharing of information to third parties located in other countries, other than your home country. Also, such information may be transferred to another company if the need arises. Therefore, information may be transferred across international borders outside the country where you use our services, including to countries that do not have laws providing specific protection for personal data or those that have different legal rules on data protection.

We will only transfer Personal Information outside the country upon compliance with the provisions of any applicable law in relation to transfer of Personal Information outside Nigeria.

BVN data shall be stored within Nigeria and shall not be routed across borders without the consent of the Central Bank of Nigeria (CBN).

By this Privacy Policy, you hereby explicitly and contractually consent to the transfer of your Personal Information by the Company as contemplated herein.

 

ACCURACY OF PERSONAL INFORMATION

We will use commercially reasonable efforts to keep your Personal Information as provided by you accurate for the identified purposes. Users are responsible for informing us about any changes to their Personal Information from time to time.

Users will be informed that in order to implement the measurements of verification of information provided by the user, we may request you to provide copies of documents related to your Personal Information including but not limited to an official ID Card, bank verification number, etc.

Users represent that all Personal Information provided to us is accurate for the identified purpose

 

DATA SECURITY

We transmit and store the information we collect using standard security techniques. However, given the nature of the internet and the fact that network security measures are not fool proof, we cannot guarantee the security of such information. Weprotect your Personal Information by:

    1. restricting access to thePersonal Information;
    2. maintaining technology products to prevent unauthorized computer access; and
    3. securely destroying your Personal Information when it is no longer needed for any legal or business purpose.
    4. using state of the art Secure Socket Layer (SSL) encryption technology when processing your financial details.

Your password is the key to your account. Please use unique numbers, letters and special characters, and do not share your password to anyone. If you do, you will be responsible for all actions taken in the name of your account and the consequences. If you lose control of your password, you may lose substantial control over your Personal Information and other information submitted to us. You could also be subject to legally binding actions taken on your behalf. Therefore, if your password has been compromised for any reason or if you have grounds to believe that your password has been compromised, you should immediately contact us and change your password.

As a safety measure, you are required to log off from your account and close the browser after using a shared computer.

Should a security breach occur, the Company will notify all affected customers as soon as is reasonably possible, and later may file a report with the appropriate authorities on the actions we took if the need arises.

 

OTHER WEBSITES AND LINKS

Our Platforms may contain links to third party websites (“Linked Websites”). This Privacy Policy does not cover collection or use of information by Linked Websites. We are not responsible for the privacy practices of Linked Websites. If you have questions about the privacy policies or practices of a Linked Website; you should contact the web administrator of the site directly.

 

PRIVACY POLICY CHANGES

We may make changes to this Privacy Policy from time to time, and for any reason. You are advised to consult this privacy policy regularly for any changes, as we deem your continued use, following posting of any amendment, modification or change, approval of all changes.

 

YOUR DATA PRIVACY RIGHTS

    1. Right to Rectification: Users can modify or change their name, email password, and mobile login PIN via their profile. For all other requests, such as updating email address or mobile number, please contact us at [email protected]
    2. Right of Access, Right to Erasure, Right to Restrict Processing: Users can request access or erasure of their Personal Information, as well as request restriction on further processing of their Personal Information by contacting us at [email protected]  Please allow up to 30 days for requests to be processed. The Company reserves the right to charge a reasonable fee to process excessive or repeat requests.
    3. Right to Withdraw Consent: Users can stop receiving our promotional emails by following the unsubscribe instructions included in every email we send, or by adjusting your Marketing Preferences in your profile. Users also have choices with respect to cookies, as described above and more particularly set out in the Cookie Policy accessible at https://vbank.ng/mobile-app-privacy-policy/
    4. Right to lodge a complaint with a supervisory authority: Should you feel your data privacy rights are not being adequately protected by the Company, you have the right to lodge a formal complaint with the appropriate supervisory authority.

 

AVAILABLE REMEDIES IN THE CASE OF BREACH

In the case of a breach of any of the obligations with respect to your Personal Information being breached or compromised, please exercise your right to contact us through any of the channels highlighted below immediately. A data breach procedure is established and maintained in order to deal with incidents concerning personal data or privacy practices leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed. On notification of such breach, we will investigate to determine if an actual breach has occurred, the actions required to manage such breach, communicate with the subject of the breach and take appropriate action under its dispute resolution framework to remedy such breach.

 

CONTACT US

If you have questions regarding your data privacy rights or would like to submit a related data privacy right request, please email us at [email protected]  Please allow up to 30 days for requests to be processed. The Company reserves the right to charge a reasonable fee to process excessive or repeat requests.

If you have general questions concerning this Privacy Policy, please contact us at:

[email protected]

Tel: [●+234 908 752 2472]

VFD Microfinance Bank Limited

Address: 214 Broad Street, Lagos Island, Lagos, Nigeria

Last updated- [●]