Nsukka MfB

Financial Institution

NSUKKA MICROFINANCE BANK LTD: PRIVACY POLICY

1. Introduction

Nsukka Microfinance Bank Ltd (“the Bank”, “We”, “Us”, or “Our”) is committed to protecting the privacy and security of your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile banking application, website, and in-branch services in compliance with the Nigeria Data Protection Act (NDPA) 2023.

2. Data We Collect

To provide seamless financial services, we collect the following categories of information:

  • Identity Data: Full name, date of birth, gender, and photographs.
  • Contact Data: Residential address, email address, and phone number.
  • KYC & Regulatory Data: Bank Verification Number (BVN), National Identification Number (NIN), and valid government-issued ID.
  • Financial Data: Account numbers, transaction history, loan records, and card details (processed securely).
  • Technical & Usage Data: IP address, device type, operating system, and unique device identifiers (IMEI/UUID).
  • Biometric Data: Fingerprints or facial recognition data (used solely for app authentication and identity verification with your explicit consent).

3. Lawful Basis for Processing

Under Section 25 of the NDPA, we process your data based on:

  • Consent: Your explicit agreement when signing up for our mobile app.
  • Contractual Necessity: To manage your account and process transactions.
  • Legal Obligation: To comply with Central Bank of Nigeria (CBN) and Anti-Money Laundering (AML) regulations.
  • Legitimate Interest: To detect fraud and improve our app security.

4. How We Use Your Data

We use your information to:

  • Onboard you as a customer and verify your identity.
  • Process fund transfers, bill payments, and airtime purchases.
  • Assess creditworthiness for loan applications.
  • Send transaction alerts and critical security updates.
  • Prevent, detect, and investigate financial crimes or unauthorised access.

5. Data Sharing and Disclosure

We do not sell your personal data. We only share information with:

  • Regulators: Such as the CBN, NDPC, and Law Enforcement Agencies.
  • Service Providers: Licensed payment processors switching companies, and SMS gateways.
  • Credit Bureaus: For credit reporting as mandated by law.
  • Auditors: For mandatory annual compliance and financial audits.

6. Data Security (The GXL Standard)

We implement rigorous technical and organisational measures to ensure your data is protected:

  • Encryption: Data is encrypted in transit and at rest.
  • Access Control: Only authorised personnel with a “need-to-know” basis can access sensitive data.
  • Monitoring: Continuous threat hunting and log analysis to prevent probes into configuration files or databases.

7. Your Rights as a Data Subject

Under the NDPA 2023, you have the right to:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete information.
  • Erasure (“Right to be Forgotten”): Request deletion of data where there is no legal requirement for its retention.
  • Portability: Request the transfer of your data to another service provider.
  • Withdraw Consent: Withdraw your consent for marketing or specific processing at any time.

8. Data Retention

As a regulated financial institution, we retain your data for as long as necessary to fulfil the purposes for which it was collected, typically ten (10) years after the termination of the account relationship, as mandated by CBN regulatory guidelines.

9. Cross-Border Transfers

Your data is primarily stored in Nigeria. Where we use local and/or international cloud service providers, we ensure that such transfers are protected by Standard Contractual Clauses (SCCs) and comply with the adequacy requirements of the NDPC.

10. Contact Our Data Protection Officer (DPO)

If you have questions about this policy or wish to exercise your rights, don’t hesitate to get in touch with our DPO:

Email: contact@nsukkamfb.com

Copy: nsukkamfb@nambnigeria.org

Address: 99, Enugu Road, Nsukka, Enugu State, Nigeria.

Office phone: (+234)802 546 4059

Necessary cookies enable essential site features like secure log-ins and consent preference adjustments. They do not store personal data.
None
Functional cookies support features like content sharing on social media, collecting feedback, and enabling third-party tools.
None
Analytical cookies track visitor interactions, providing insights on metrics like visitor count, bounce rate, and traffic sources.
None
Advertisement cookies deliver personalized ads based on your previous visits and analyze the effectiveness of ad campaigns.
None