Logo
Tripacash Download

TripaCash Ltd. Privacy Policy

Last Updated: July 24, 2025

1. INTRODUCTION

Welcome to TripaCash Ltd. ("TripaCash," "we," "us," or "our"). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our website, applications, and related services (collectively, "Services"). We respect your privacy and are committed to protecting your personal data in compliance with the Nigeria Data Protection Regulation (NDPR), Central Bank of Nigeria (CBN) guidelines, National Interbank Settlement System (NIBSS) regulations, and applicable international standards.

By using our Services, you consent to the data practices described here. Please read this policy carefully to understand how your information is handled.

2. PRIVACY MISSION STATEMENT

At TripaCash, protecting your privacy is paramount. We process your personal data responsibly, lawfully, and transparently, ensuring you have control and clarity over how your information is managed. We continuously align our practices with evolving regulatory requirements and global best practices to foster trust and security.

3. GENERAL PRINCIPLES FOR PROCESSING PERSONAL DATA

We abide by the following core principles when handling your personal data:

  • Lawfulness, Fairness, and Transparency: All data processing is lawful, fair, and transparent.
  • Purpose Limitation: Data is collected solely for explicit, legitimate purposes and not repurposed inconsistently.
  • Data Minimization: Only data necessary for processing purposes is collected.
  • Accuracy: Personal data is kept accurate and up to date.
  • Storage Limitation: Data retention is limited to what is strictly necessary or legally mandated.
  • Integrity and Confidentiality: Data is safeguarded with appropriate security measures against unauthorized access or loss.

4. LAWFUL BASIS FOR COLLECTING AND PROCESSING PERSONAL DATA

We process your data under the following legal bases:

  • Consent: Explicit permission for specific processing activities.
  • Contractual Necessity: To perform our contract with you and provide Services.
  • Legal Obligations: Compliance with Nigerian laws, including AML/CFT requirements, CBN, and NIBSS regulations.
  • Legitimate Interests: For fraud prevention, security, service improvements balanced against your rights.
  • Vital Interests: To protect your or others' safety in emergencies.

5. INFORMATION WE MAY COLLECT FROM YOU

We may collect the following categories of data:

  • Identity Data: Name, date of birth, government-issued identifiers (e.g., NIN, BVN), photographs.
  • Contact Data: Email, phone number, postal address.
  • Financial Data: Bank accounts, transaction history, payment card data.
  • Technical Data: IP address, device info, browser type, cookies.
  • Compliance Data: KYC data sourced from third-party providers like Dojah and Mono, including identity verification, bank account linkage, and loan application details.
  • Marketing Preferences: Opt-in consents and subscription data.

6. HOW WE COLLECT INFORMATION

Information is gathered through:

  • Direct interactions (sign-ups, form submissions, support requests).
  • Automated technologies (cookies, tracking pixels, analytics).
  • Third-party sources (licensed KYC and payment verification providers).

7. HOW WE USE YOUR PERSONAL DATA

We use your data to:

  • Verify your identity and comply with CBN, NIBSS, and AML/CFT regulations.
  • Enable your use of TripaCash services, including payments, transfers, and loans.
  • Detect, prevent, and investigate fraud or unauthorized activities.
  • Provide customer support and respond to inquiries.
  • Improve and personalize our Services.
  • Communicate offers, updates, and promotional information (with your consent).
  • Conduct audits and regulatory reporting.

8. DISCLOSURE AND SHARING OF PERSONAL DATA

Your data may be shared with:

  • Authorized payment service providers such as Fidesic, CoralPay, and Mono.
  • KYC service providers like Dojah and Maplerad.
  • Regulatory bodies including CBN, NIBSS, EFCC, and NDPR enforcement agencies.
  • Law enforcement agencies when legally required.
  • Trusted third-party vendors under confidentiality agreements for operational support.

We do not sell your personal information.

9. INTERNATIONAL DATA TRANSFERS

Where applicable, your data may be transferred outside Nigeria. We ensure adequate protection via contractual safeguards and adherence to data protection standards.

10. DATA SECURITY

We implement industry-leading measures aligned with ISO 27001 and CBN cybersecurity directives, including:

  • Encryption in transit and at rest.
  • Multi-factor authentication and access controls.
  • Regular penetration testing and security audits.
  • Continuous staff training on data protection.

11. DATA RETENTION

Personal data is retained only as long as necessary to provide Services and comply with Nigerian AML laws (minimum 5 years retention), CBN, and NIBSS requirements. When no longer required, data is securely deleted or anonymized.

12. YOUR DATA PROTECTION RIGHTS

Under NDPR and Nigerian laws, you have rights including:

  • Access to your personal data.
  • Correction of inaccurate or incomplete data.
  • Deletion requests, subject to legal obligations.
  • Restriction or objection to certain processing activities.
  • Withdrawal of consent.
  • Data portability.
  • Filing complaints with regulatory authorities.

To exercise these rights, contact privacy@tripacash.com.

13. AUTOMATED DECISION-MAKING

We use automated processes (e.g., fraud detection) with human oversight. You may request review of decisions that affect you.

14. COOKIES AND TRACKING TECHNOLOGIES

We use cookies to improve usability, perform analytics, and enhance security. You can manage cookie settings via your browser.

15. ACCOUNT DELETION POLICY

You may request deletion of your account via privacy@tripacash.com. We verify your identity to prevent unauthorized deletions. Some data may remain for compliance or legal reasons.

16. COMPLIANCE WITH CBN, NIBSS, AND PARTNERS LICENSES

TripaCash Ltd. strictly complies with:

  • Central Bank of Nigeria regulations and circulars for fintech and payment providers.
  • National Interbank Settlement System (NIBSS) rules governing payment transactions and PTSP licensing oversight.
  • Compliance mandates of our partners and service providers, including Fidesic, CoralPay, Dojah, Mono, Maplerad, and others.

Our compliance ensures secure, lawful, and efficient operation within Nigeria's financial ecosystem.

17. CHILDREN'S PRIVACY

Services are not directed at persons under 18. We do not knowingly collect data from minors. If discovered, such data will be deleted.

18. LINKS TO THIRD-PARTY WEBSITES

Our Services may contain links to third-party sites. We are not responsible for their privacy practices.

19. MARKETING AND COMMUNICATIONS

You can opt-out of marketing messages anytime by following unsubscribe instructions or contacting us.

20. COMPLAINTS AND CONTACT INFORMATION

If you have questions or concerns about privacy, contact our Data Protection Officer (DPO):

You may also lodge complaints with Nigerian regulatory bodies such as the NDPR Commission or CBN.

21. UPDATES TO THIS PRIVACY POLICY

We will update this Policy as necessary due to regulatory changes or operational improvements. Updates will be published on our website with a revised effective date. Continued use implies acceptance.