Privacy Notices for Appzone Group

Appzone Group (hereinafter referred to as Appzone) takes its customers’ privacy very seriously. This Privacy Notice stipulates the basis for the collection, use and disclosure of personal data by Appzone and its subsidiaries in line with the Nigerian Data Protection Regulation 2019 (NDPR).

Personal Data comprises all the details we hold or collect on our employees, customers, stakeholders, vendors and other interested parties, directly or indirectly and includes any offline or online data that makes a person identifiable such as names, addresses, phone number, passport ID, usernames, passwords, digital footprints, photographs, financial data, assets and liabilities, insurance, savings and investments, health and high-risk information about products and services purchased from us. This data may be received from third parties or collected using our website(s), mobile applications.

With this policy, we ensure USSD code and other digital channels through which we gather, store and handle data are fair, transparent and safeguard individual rights. For the purpose of this Privacy Notice, references to “we” or “us” shall refer to Appzone Group and its entities/subsidiaries.

This Privacy Notice should be brought to the attention of any party who is included in your Policy or on whose instruction you are providing us with their personal data. By providing your personal information or the personal information of someone included in your account information, you acknowledge that we may use it only in the ways set out in this Privacy Notice. We may provide you with further notices highlighting certain uses we wish to make of your personal information.

From time to time, we may need to make changes to this privacy notice, for example, as the result of government regulation, new technologies, or other developments in the data protection laws regime generally. You should check the Appzone website periodically to view the most up to date privacy notice.

1. Definitions

Data Controller” means the publisher and owner of the Website and the party also responsible for the collection of data.

Data Protection Officer” means the party responsible for overseeing data protection strategy and implementation to ensure compliance.

Content” means any content, writing, images, audio visual content or other information published on this Website.

Children” means persons under the age of majority in Nigeria (which is 18 years)

‘’Group” means the parent company and/ or the various  subsidiaries of Appzone Group

“Legal basis” is the foundation for data processing under the NDPR. It is the specific legal grounds for the processing of data by an organisation.

Parties” means both You (the user of the Service) and the Data Controller: VP Corporate Services.

Personal Data” means any personal information collected for you in relation with your use of this service which is capable of identifying you.

Service” means the Website, which is known as: including all pages, sub-pages, all blogs, forums and other connected internet content whatsoever.

Services” means the services offered on the Website.

Third Parties” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

You, Yours” means the user of this Website.

2. Introduction

This Privacy Notice is designed to inform You about the Personal Data we collect, how we collect this data, the use of the data, and your rights relating to the personal data when you use this service or purchase the services offered on the Website.

We are committed to protecting your Personal Data while You use this Website.

By continuing to use our Website, You acknowledge that You have reviewed the Privacy Policy and agree to its terms. This also means that You have consented to the use of Your Personal Data and have accepted the applicable disclosures.

3. Contact

The operator who is also the party responsible for the collection of data is as follows: Appzone Group and can be contacted as follows:

12b Admiralty Way, Lekki, Lagos, Nigeria

The Data Protection Officer is as follows: Appzone group and can be contacted as follows:

12B Admiralty Way, Lekki, Lagos, Nigeria

By continuing to use our Website, You acknowledge that You have reviewed the Privacy Policy and agree to its terms. This also means that You have consented to the use of Your Personal Data and have accepted the applicable disclosures.

4. The Personal Data We Collect From You

We collect various information to enable us provide good Service to all our users. Depending on how our Service will be used, the different types of Personal Data we collect are as follows:

A. All users: We will collect passive information from all users. These information include cookies, IP address information, location information and certain browser information.

B. Sales and billing information: We may collect Your credit and/or debit card information, which includes Your card number, password, etc, Your billing address, Your contact address and other information required for Your purchases.

5. The Personal Data We Collect As You Use Our Service

The information that we collect will depend on our relationship with you

We use the following to collect Personal Data from you:

Log Data: We also use log files which store automatic information collected when users visit this Website. The log data which may be collected are as follows:

(I) the domain and host from which You access the Website;

(II) name of the Internet Service Provider (ISP);

(III) date and time of visit;

(IV) Your computer operating system and browser software;

(V) web pages visited, the duration, and frequency of visits;

(VI) Your Internet Protocol (IP) address.

6. Privacy of Children

We respect the privacy of children. We do not knowingly collect names, email addresses or any other personally identifiable information from children except where this is required to register them as beneficiaries of our services or products.

7. How do we use your personal information?

We collect and use Your Personal Data for the following reasons:

(I) to provide our Service and to maintain and make improvements to the Service we provide to You;

(II) to develop new Services on the Website;

(III) to provide personalized Service to You, including making recommendations and providing personalized content;

(IV) to provide customer service to You;

(V) to provide analytics to understand how our Service is used.

(VI) to conduct internal performance analyses of Appzone Employees using personal data such as Name, Gender, Address, Phone Number, Marital status, Work Experience, Dependencies.


Legal Basis

Under the Nigeria Data Protection Regulation 2019 and equivalent data protection laws around the world. we need a lawful basis to use and process your personal information.

We have set out below the main reasons why we process your personal information and the applicable circumstances when we will do so:

  • Processing is necessary in order for us to provide your banking support services which is based on the legal basis of contract, these include the following:
      1. Appzone Core: This provides retail and commercial banks with cloud-based software for running core operations like accounting, deposits, loans, and customer interactions in a fully digital and automated way.
      2. Appzone Cards: This helps to digitise and automate card operations across banks with the objective to reduce cost while delivering speed and convenience to account holders.
      3. Appzone Lend: This automates the entire lending value chain from origination to disbursement and ultimately repayment collection.
      4. Appzone POS: Point of Sale Transactions helps facilitate  technology that allows agents of banks deliver financial services to underbanked individuals in locations where there are no bank branches.
      5. Appzone Switch: This operates a decentralised interbank payment network powered by blockchain and designed to become the payment infrastructure for Africa’s cashless future.
  • We may use cloud storage solutions within or outside Nigeria which are chosen to ensure efficiency and improved performance through up to date technology. It is our legitimate interest to do so.
  • Nigeria Information Technology Development Agency (NITDA) may require us to retain records of our dealings with you, this will be based on legal obligation.
  • To comply with: local or foreign laws, regulations, voluntary codes, directives, judgments or court orders, agreements between any member of Appzone Group and any authority, regulator, or enforcement agency; policies (including the Appzone Group’s policies), good practice, government sanctions or embargoes, reporting requirements under financial transactions legislation and demands or requests of any authority, regulator, tribunal, enforcement agencies [ i.e. the Nigeria Financial Intelligent Unit (“NFIU”) and the Economic and Financial Crime Commission (“EFCC”), or exchange body, this processing activity will be based on a legal obligation.
  • Where we need to use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves. This can be based on either our legitimate interest to defend ourselves or terms of our contract with you.
  • Where we need to use your personal information for reasons of substantial public interest, such as investigating fraudulent claims and carrying out fraud, credit and anti-money laundering checks, identification checks. We process this sort of information based on legitimate interest to protect ourselves from fraud as well as a legal obligation to implement anti-money laundering safeguards.
  • Where we need to communicate with you to resolve complaints or other issues based on our contractual obligations with you.
  • Where you have provided your consent to our use of your personal information. We will usually only ask for your consent in relation to processing your sensitive personal information or when providing marketing information to you (including information about other products and services). This will be made clear when you provide your personal information. If we ask for your consent, we will explain why it is necessary.
  • Where we have appropriate legitimate business, we need to use your personal information such as maintaining our business records, developing and improving our products and services, sharing data with contracted third parties all whilst ensuring that such business need does not interfere with your rights and freedoms and does not cause you any harm.
  • Where we need to use your sensitive personal information such as health data because it is necessary for your vital interests, this being a life or death matter.

8. Who do we share your personal information with?

We might share your personal information with two types of organisations – companies inside the Appzone Group, and other third parties outside the Group. For further details of disclosures, please see below. We won’t share any of your personal information other than for the purposes described in this Privacy Notice. If we share anything outside the Group, it’ll be kept strictly confidential and will only be used for reasons that we’ve described.


8.1 Disclosures within our group

In order to provide our services, your personal information may be shared with other companies in the Appzone Group. Your personal information might be shared for our general business administration, efficiency and accuracy purposes or for the prevention and detection of fraud.

We do not disclose Your Personal Data except for any of the following reasons:

(I) if You have granted us the permission to do so: We will disclose Your Personal Data where we have received Your unequivocal consent and permission to do so. However, such consent may be withdrawn at anytime;

(II) if we are required to do so by an existing law or regulation: We may also disclose and share Your Personal Data for the following reasons:

    • to meet any applicable law, regulation, legal process, or any legal request, such as subpoenas, court orders, requests for administrative or government bodies;
    • to enforce our applicable Terms of Use;
    • to detect, prevent, or address any fraud, security or technical issues;
    • to prosecute or bring any legal action against any user who has violated any law or our Terms of Use.

(III) For any other reason that may be necessary and incidental for the operation of our Website.


8.2. Disclosures to third parties

We also disclose your information to the third parties listed below for the purposes described in this Privacy Notice. This might include:

  • Your relatives or, guardians (on your behalf where you are incapacitated or unable) or other people or organisations associated with you or your lawyer
  • Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of your policy (including claims and cancellation) with us and make changes on your behalf.
  • Financial Institutions who are our clients for the provision of both banked and unbanked service provision.
  • Agents to facilitate Agent Banking services
  • Fraud detection agencies and other third parties who operate and maintain fraud detection registers
  • The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
  • Central Bank of Nigeria
  • Our third-party services providers such as IT suppliers, auditors, lawyers, marketing agencies, research specialists, document management providers and tax advisers.
  • Customer satisfaction survey providers
  • Disclosure of your personal information to a third party outside of the Appzone Group will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.


We may also disclose your personal information to other third parties where:

  • We are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation.
  • We believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest; or
  • Exemptions under the data protection legislation allow us to do so.



 Some of the recipients and technical solutions set out above may be in other countries outside Nigeria.

Where we make a transfer of your personal information outside of Nigeria, in all cases where personal data is transferred to a country which is deemed not to have the same standards of protection for personal data as Nigeria, Appzone will ensure Appropriate Safeguards have been implemented to ensure that your personal information is protected where standards are not the same or similar to those standards within Nigeria. Such steps may include placing the party we are transferring personal information to under contractual obligations to protect it to adequate standards. Occasionally there may also be some circumstances where we are required to transfer your personal information outside of Nigeria and we shall rely on the basis of processing it for being necessary for the performance of your contract.

9. How long do we keep records for?

We keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Notice and in order to comply with our legal and regulatory obligations. The length of time we retain personal information for depends on the purposes for which we collect and use it and/or as required to comply with applicable laws and to establish, exercise or defend our legal rights. Appzone has a Data Retention Policy

10. Storage Of Personal Data

We take the security of the Personal Data we collect very seriously, and we take reasonable measures to reduce the risk of accidental destruction, loss or unauthorized access to such information. However, please note that no system involving the transmission of information via electronic storage systems or the internet is completely secure.

The Personal Data and any other information we have about You may be stored for such period as we may determine until You withdraw Your consent. We will also delete your data when you cease to be our customer subject to our contractual and legal obligations.

Note that You can withdraw Your consent to store Your Personal Data at any time. Once this is done, all Personal Data and information we have about You will be deleted.

11. Protection Of Personal Data

As a PCI-DSS Compliant organisation, our Service is built with strong security features that continuously protects your Personal Data. Our security features help us detect and block security threats. If we detect any security risk, we may inform you and guide You through steps to stay protected. We also Encrypt information both at rest and in transit

12. Links To Third-Party Sites Or Services

The website may contain links to other websites which we believe may offer useful information. These linked websites are not under our control and this Privacy Policy does not apply to these websites. We suggest that You contact those websites directly for information on their privacy policy, security, data collection and distribution policies.

13. Accessing, Modifying And Deleting Your Personal Data

If you wish to access, review, modify any information we have about You, You may do so by simply contacting us on the following email address: You may also request that we delete any information belonging to You that we have stored.

14. Your Rights

Your rights in relation to Your Personal Data are as follows:

(I) the right to have access to Your Personal Data;

(II) the right to be informed about the processing of Your Personal Data;

(III) the right to rectify any inaccurate Personal Data or any information about You;

(IV) the right to review, modify or erase Your Personal Data and any other information we have about You;

(V) the right to restrict the processing of Your Personal Data;

(VI) the right to block Personal Data processing in violation of any law;

(VII) the right to be informed about any rectification or erasure of Personal Data or restriction of any processing carried out;

(VIII) the right to the portability of Your Personal Data; and

(IX) the right to lodge a complaint to a supervisory authority within Nigeria.

15. Contact Information

If You have any questions regarding this Privacy Policy or the Personal Data we collect, or if You wish to exercise any of the data subject rights listed above, make any comments or complaints about anything related to this Privacy Policy, please contact our Data Protection Officer on this email address: