Privacy Policy

Collection of Personal Data

We may collect and obtain this personal data when you create a Nicekash account through the Nicekash application or website. You may be required to provide or submit information, including but not limited:

Your identity (such as name, BVN, gender), occupation, address, photos (accessed through the camera), text messages, emergency contacts and phone number, email address, financial data, credit information, approximate location, device information, and other personal information including your first language, marital status, age, educational level by granting permissions to the application 

We may collect and obtain this personal data manually or automatically, from sources including but not limited to personal data you submit; analysis of your use and management of the account/facilities; publicly available sources or registration authorities; government agencies, regulatory bodies, and/or law enforcement agencies; third parties or other sources; and information collected when you visit our website (including the IP address of your mobile device or computer) or information collected through cookies on some websites. This data will only be collected with your consent, unless otherwise restricted.

By submitting information to Nicekash, you:

Confirm Accuracy: You certify that all provided information is complete, truthful, and current to the best of your knowledge

Grant Permission: You agree to our collection and use of this information for:

Providing our services,

Fraud prevention and security;

Legal compliance and regulatory requirements;

Other purposes described in this Privacy Policy;

Important Notes:

• Some processing is required by law and cannot be refused while using our services

• False information may result in service suspension or legal consequences

The permission we need you provide

LOCATION

Permission Purpose:

We will collect your geographic location information and your IP address.

Data Usage.

1. Credit assessment: to assess the user’s credit rating in order to provide appropriate credit lines and loan services.
2. Compliance: we can only provide loan service in Nigeria

Data Security.

We encrypt Users’ location data using the HTTPS protocol and transmit it to our servers (https://console.minicloud-ng.com/) We do not share the data we collect with third parties without the user’s permission.

Personal Information

We collect personal information from our users including name, age, gender, telephone number, email address, date of birth, income, Bank Verification Number (BVN). We collect your personal information in order to assess your credit rating, your identity verification and provide you with a line of credit.

Data Usage.

1. Credit assessment: to assess the user’s credit rating in order to provide appropriate credit lines and loan services.
2. Customer service: to respond to users’ requests, questions and feedback and to provide customer support services.
3. Service improvement: for internal data analysis and research to improve our services and products.
4. Statutory Obligations: To fulfil legal, regulatory and governmental requirements.

Data Security.

We encrypt Users’ personal information using the HTTPS protocol and transmit it to our servers (https://console.minicloud-ng.com/) We do not share the data we collect with third parties without the user’s permission.

Device info

Permission Purpose:

Nicekash collects information about the user’s device, such as hardware information including the device's operating system, Android version, IMEI number, IMSI number, serial number, screen size and other hardware information

Data Usage.

1. Credit assessment: to assess your credit rating in order to provide appropriate credit limits and loan services.
2. Service Improvement: for internal data analysis and research to improve our services and products.
3. Device Management: To ensure that the application works properly on your device and to optimise the user experience.
4. Security and Fraud Prevention: uniquely identify the device and ensure that unauthorized devices are not to act on your behalf to prevent frauds 

Data Security.

We encrypt users’ device information using the HTTPS protocol and transmit it to our servers (https://console.minicloud-ng.com/) We do not share the data we collect with third parties without the user’s permission.

Emergency Contact

When using the Nicekash App service, we will ask users to provide emergency contacts information. Users can both pick contacts from the contact list or input the contact info as emergency contacts, including contact name, phone number and relationship with you.

Data Usage:

1. Emergency Notification: In the event of an emergency, we will use emergency contact information to notify your contacts to ensure your safety and prompt assistance.
2. Customer Support: In some cases, we may use emergency contact information to provide better customer support services.

Data Security:

We use the HTTPS protocol to encrypt Users’ emergency contact information and transmit it to our servers (https://console.minicloud-ng.com/). We do not share the data we collect with third parties without the user’s permission.

Camera

Permission Purpose:

Nicekash use phone camera only for customer facial recognition. We will not access your phone album. The permission just allow customer take a selfie for facial recognize purpose

Data Usage:

Take a selfie for facial recognition purpose allow our system detect the fraud, we only open facial recognition to the customers who has detected with potential risk.

Data Security:

We will upload the collected data to the Nicekash server (https://console.minicloud-ng.com/) with high level protection. We will upload the customer’s selfie to trusted third-party for facial recognition.

APP LIST：

Permission Purpose:

We need to obtain your APP list permission. We will collect the APP list you have installed to identify whether you have Illegal application or Fraudulent application or unsafe software that is not officially certified by Google.Data Usage:

1. To ensure you are using our App service under secure environment. 
2. To detect any fraudulent App like Fake GPS, Fake bank etc. 

We will upload the collected data to the Nicekash server (https://console.minicloud-ng.com/) with high level protection. 

SMS

Permission Purpose:

Nicekash collects the User’s SMS data to retrieve financial, transactional and fraudulent related data including the content of the SMS, the time the SMS was sent, and the mobile phone number to which the SMS was sent.

Data Usage:

We screen messages containing the user’s name, transaction description and transaction amount for user credit risk assessment.

In order to prevent users from using our services illegally, including fraud, money laundering and other illegal activities, we use SMS data as an important basis for making judgements about assessing a user’s fraud risk and financial situation. Nicekash will provide users with a dialog on whether to authorise the application to access the mobile phone’s SMS messages, and the user has the option of granting or denying permission. If the user refuses authorisation, this means that we do not have access to SMS messages and are unable to assess the user’s fraud risk and creditworthiness.

We do not monitor, read, store or share any personal SMS Log data of users.

Data Security:

We use the HTTPS protocol to encrypt and transmit Users’ SMS data to our servers (https://console.minicloud-ng.com/). We do not share the data we collect with third parties without the user’s permission.

Purpose of Collecting Personal Data

We will use your personal data for registration, loan approval, risk management, fraud prevention, debt collection, marketing, and other purposes in this Privacy Notice, to help us provide you with better services. 

After creating your account, we may request additional personal data, such as your address, bank account information, income details, etc., for identity verification, loan disbursement, application compliance etc. Please ensure that the data you provide is accurate, complete or it will affect or reject your loan application.

During your use of our services, we may collect and process your personal data for the following purposes:

1. Registration and Account Management: We need your basic information to create and manage your account, enabling you to use the platform’s services smoothly.
2. Loan Approval and Disbursement: We will conduct credit assessments based on your personal and financial information to help us make reasonable loan decisions.
3. Risk Management and Fraud Prevention: We will analyze and monitor your behavior and transaction patterns to detect potential risks and fraudulent activities, protecting you and our platform.
4. Debt Collection and Debt Management: When necessary, we will use your contact information for debt collection to ensure your account is properly managed within the stipulated timeframe.
5. Marketing and User Communication: With your consent, we will send you marketing information related to products and services, including notifications about offers, events, or new features, to enhance your user experience.
6. Compliance and Legal Obligations: We will process personal data as required by laws and regulations to comply with anti-money laundering laws, data protection regulations, and other compliance requirements.

We will be adhering to the terms in this Privacy Notice and applicable legal regulations when processing and using personal data, ensuring that your personal data is effectively protected and that your privacy rights are respected during the processing.

Use of Personal Data

During your use of our services, we may manually or automatically process, use, and/or disclose your personal data for purposes that include:

• Processing your loan applications and related transactions, including application approval, review, and fund disbursement.
• Account management and maintenance. 
• Evaluating your creditworthiness using your personal and financial information to make lending decisions and manage risks.
• Anti-fraud and device environment safety detect.
• Processing your personal data in compliance with applicable laws, regulations, and regulatory requirements, such as tax reporting, anti-money laundering (AML), and counter-terrorism financing (CTF) regulations.
• Providing necessary personal data to government authorities or judicial bodies to assist with investigations and legal proceedings.
• Conducting internal audits and compliance activities to adhere to legal and regulatory standards.
• Implementing data encryption and access control technologies to protect your personal data from unauthorized access and data breaches.
• Monitoring system and network activity to detect and prevent fraudulent activities, ensuring the security of users and the platform.
• Using real-time alert systems and risk analysis tools to detect abnormal user behavior and trigger appropriate protective actions.
• Providing customized advertisements, promotional activities, and product recommendations to improve user experience and meet your preferences, with your consent.
• In-app user behavior analyzing, improve user experience.
• Providing data to attorneys and legal advisors to assist with legal matters and risk management when necessary.

Disclosure of Personal Data

The personal data we hold shall always be kept confidential. However, to provide you with effective and continuous products and services, and in compliance with laws, regulations, and guidelines, as well as for Permitted Processing, you explicitly consent to the disclosure, sharing, or processing of your personal data to and by the following parties, whether located in Nigeria or elsewhere:

a. Agents, parent companies, subsidiaries, affiliates, and related entities of Nicekash;

b. Professional advisors, contractors, service providers, debt collection agencies, and other agents contracted with us;

c. National and local credit bureaus, credit reporting agencies, credit reference agencies, rating agencies (e.g., credit information companies), insurance companies, and/or insurance brokers;

d. Financial service providers related to relevant products and services;

e. Any authorities or regulatory bodies, including foreign regulators or any party required by law;

f. Strategic/business partners we collaborate with;

g Third-party collection agencies;

h. Any party involved in enforcing or maintaining our rights as stipulated in agreements between you and us;

i. Any third party authorized and/or consented to by you.

This ensures that your personal data is only shared as necessary for legitimate business purposes, compliance, or as required by law, safeguarding your rights and privacy throughout the process.

Withdrawal of Consent

You may express your objection to our continued use, collection, and/or processing of your personal data at any time by contacting us via our email address. This will serve as a mechanism for you to revoke or grant permissions previously given to us.

Please note that if you object to the processing of certain personal data, depending on the nature and subject of your objection, it may impact the processing time of your application and/or our analysis of your credit status. We expressly reserve our legal rights and remedies in such cases.

Additionally, if you have contractual obligations under a loan agreement or other contract with us, withdrawing your consent or objecting to our continued use, collection, and/or processing of your personal data does not affect our right and obligation to continue processing your personal data legally.

Deletion of Personal Data

Under the Nigerian personal data protection framework, data subjects have control over their personal data, including the right to request its deletion. According to Nigerian data protection laws, such as the Nigerian Data Protection Regulation (NDPR), here are the key points regarding the deletion of personal data:

Right to Data Deletion

You have the right to request the deletion of personal data we hold about you, provided that:

• The data is no longer necessary for the purposes for which it was collected.
• The data processing is based on your consent, and you have withdrawn that consent.
• The data processing is based on legitimate interests, but your interests and rights take precedence.
• The data processing is unlawful, and you have the right to request deletion.
• The data was collected or processed in error while fulfilling a legal obligation or contract.

Submitting a Deletion Request

If you wish to request the deletion of your personal data, you can do so by: Logging into your account and finding the data deletion option in your account settings. OTP will be sent to your registered phone number as authorization to DELETION.

Limitations on Data Deletion

A data deletion request may be limited or denied in the following cases:

• Compliance with applicable laws, such as tax and accounting regulations.
• Data is used to exercise or defend legal rights.
• Data necessary for compliance obligations or to provide a service.
• Defaulted or unpaid loan exist.

Impact of Data Deletion

After data deletion, you may be unable to use certain services or features of our platform, as deleted data may be fundamental to providing these services. We will make every effort to notify you of the impact and your rights following data deletion.

Data Security

We are committed to taking all necessary measures to safeguard your personal data during collection and processing, preventing unauthorized access, use, modification, disclosure, or loss. These measures include, but are not limited to, the following:

Administrative Measures:

• Access Control: Implement strict access control to ensure that only authorized personnel can access your personal data.
• Data Protection Training: Conduct regular data protection training to ensure our employees understand and follow data protection best practices.
• Security Policies and Procedures: Develop and enforce data security policies and procedures to maintain data integrity and confidentiality.

Technical Measures:

• Encryption: Use advanced encryption techniques to protect data during transmission and storage, preventing theft or tampering.
• Network Security: Implement firewalls, intrusion detection systems, and other cybersecurity measures to detect and prevent unauthorized access.
• Regular Security Testing: Conduct routine vulnerability scans and security tests to identify and address potential security flaws.

Physical Measures:

• Secure Facilities: Ensure data storage facilities and office areas are protected with physical security measures such as access control systems and surveillance cameras.
• Restricted Access Areas: Limit access to data storage areas to authorized personnel only.
• Secure Storage: Use locked cabinets and safes to store paper records and other storage media, preventing physical loss or theft.

While we have taken these precautions, it is important to note that the internet and information technology environment are inherently dynamic and constantly evolving. We are continually reviewing and improving our data security technologies and strategies to address new security challenges.

If you have any questions regarding how we protect your personal data or need further information, please do not hesitate to contact the Data Privacy Officer (DPO).

Data Portability

You have the right to request that we provide your personal data, which you have provided to us, in a structured, commonly used, and machine-readable format so that you can receive this data and transfer it to another party. This right ensures that you can easily move personal data between service providers for better management and use of your data.

Detailed Information:

1. Scope of Data Portability:

• You have the right to access personal data you have provided to us, including but not limited to basic identity information, contact details, account information, and transaction history. This data is processed based on your contractual relationship with us or our legitimate interests.
• Data portability applies to data you have actively provided and does not include data collected by other means or data generated automatically through technical processes.

1. Technical Feasibility of Data Transfer:

• We will assess your request within reasonable technical limits. If technically feasible, we will make every effort to provide your personal data in the format you specify or transfer it directly to a third party you designate.
• The data format will be provided in a standard format, such as CSV, JSON, or other commonly used machine-readable formats, to enable easy import and use by third-party systems.

1. Security and Privacy Considerations:

• We will take appropriate security measures to protect the confidentiality and integrity of the data when providing or transferring personal data.
• We are not responsible for the security and privacy protection of the third party after they receive and process the data. If your personal data is misused after transfer, you need to contact the relevant third party directly to address the issue.

1. Right to Refuse Data Transfer:

• We have the right to refuse data transfer if it involves the rights and interests of a third party (e.g., providing your data may result in the disclosure or violation of someone else’s privacy).
• Additionally, if this request imposes an unreasonable burden on our business or services, we may ask for additional proof or information for reasonable review.

Your Right

Under the Nigerian Data Protection Act, as a data subject, you have the following rights to ensure that your personal data is processed lawfully and securely:

1. Right to be Informed: You have the right to know how your personal data is collected and used. Data controllers must clearly inform you about the purpose, scope, and methods of data processing.
2. Right of Access: You have the right to access personal data that we hold about you. You can request information about data processing, including the source of the data, its purpose, and the ways in which it is used.
3. Right to Rectification: You have the right to request that we correct or update any inaccurate or incomplete personal data. This helps ensure that your information remains up-to-date and accurate.
4. Right to Erasure: In certain cases, you have the right to request the deletion of personal data we hold about you, especially when the data is no longer necessary or when you withdraw consent.
5. Right to Restrict Processing: In some cases, you can request the restriction of processing your personal data, such as when you dispute the accuracy of the data or need more time to assess the legality of the data processing.
6. Right to Data Portability: You have the right to request that we provide your personal data in a structured, commonly used, and machine-readable format, or, where technically feasible, transfer it to another data controller.
7. Right to Object: You can object to the processing of your personal data based on specific situations, especially if the processing is done for public interest or legitimate interests. If you object, we will stop processing your data unless there are compelling reasons or legal requirements.
8. Right to Withdraw Consent: If your data processing is based on consent, you have the right to withdraw your consent at any time. Withdrawing consent does not affect the lawfulness of data processing carried out prior to the withdrawal.
9. Right to Lodge a Complaint: If you believe your rights have been violated or your data has been processed in a manner that does not comply with data protection laws, you have the right to lodge a complaint with the Nigerian Data Protection Bureau or other relevant regulatory authorities.

Contact us:

If you have any questions about this Privacy Policy, you can contact us:

By email: Nicekash.ng@gmail.com.