Privacy Policy

Last updated: JuLY 13, 2023

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

  1. Introduction

    Omnipay is provided by OmniPay Limited (“OmniPay”).

At OmniPay, we value your privacy, and we are committed to safeguarding your personal information. All personal data that you provide us will be protected and kept confidential among our affiliates, representatives, and privies.

Throughout the website, the terms “we”, “us” and “our” refer to OmniPay.

This Privacy Policy explains how we collect, use, share and protect your personal data in connection with your use of our services. This policy also sets out your rights and whom you may contact for further information.

You agree to this Privacy Policy by visiting our website and when you use our services.

Your use of our services, and any dispute over privacy is subject to this Policy and our Terms of Service, including its applicable limitations on damages and the resolution of disputes. Our Terms of Service are incorporated by reference into this Policy.

Our website is hosted in Nigeria and is subject to the laws of the Federal Republic of Nigeria. If you are accessing our website from other jurisdictions, please be advised that you are transferring your personal information to us in Nigeria, and by using our website, you are agreeing to the transfer and use of your personal information in accordance with this Privacy Policy. You also agree to abide by the applicable laws of the Federal Republic of Nigeria concerning your use of the website and your agreements with us.

Our website and services are not directed at you if we are prohibited by any law of any jurisdiction from making the information on our website available to you and is not intended for any use that would be contrary to local law or regulation.

  1. Definitions
“consent” means the consent of the data subject which must be a freely given, specific, informed, and unambiguous indication of the data subject’s wishes by which they (by a statement or by a clear affirmative action) signify their agreement to the processing of personal data relating to them;
“data subject” means a living, identified, or identifiable individual about whom OmniPay holds personal data;
“Data Protection Legislation” means all applicable data protection and privacy laws including, but not limited to the Nigeria Data Protection Regulation 2019 (NDPR), the General Data Protection Regulation, the Data Protection Implementation Framework 2020 (DPIF), and any successor legislation;
“personal data” means any information relating to a data subject who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that data subject;
“personal data breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored, or otherwise processed;

  1. Consent

    1. Where processing of your personal data is based on consent, we shall obtain the requisite consent at the time of collection of the personal information. In this regard, you consent to the processing of your personal information when you access our website, or use our services, content, features, technologies or functions offered on our website or other digital platforms. You can withdraw your consent at any time, but such withdrawal will not affect the lawfulness of the processing of your data based on consent given before its withdrawal.
    2. Where your personal data is to be processed for a different purpose that is incompatible with the purpose or purposes for which that personal data was originally collected that was not disclosed to you when you first provided your consent, we will obtain your consent to the new purpose or purposes.

  2. Age Restriction

    1. You affirm that you are over 18 years old and have the right to contract in your own name, and that you have read the above authorisation and fully understand its contents.
    2. Individuals under 18 (eighteen) years old are only allowed to sign up for our services or provide us with their information when an adult above the age of 18 (eighteen) is signing contracts in their stead.

  3. Data Protection Principles

    The Data Protection Legislation sets out the following principles with which anyone handling personal data must comply. We, our employees, agents, contractors and third-party service providers comply with the following principles when collecting or processing your personal data. All personal data must be:

    1. processed lawfully, fairly, and in a transparent manner in relation to the data subject;
    2. adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed;
    3. accurate and, where necessary, kept up to date. Every reasonable step must be taken to ensure that personal data that is accurate, having regard to the purposes for which it is processed, is erased, or rectified without delay;
    4. kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed. Personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, subject to implementation of the appropriate technical and organisational measures required by the Data Protection Legislation in order to safeguard the rights and freedoms of the data subject;
    5. processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.

  4. Information We Collect.

    In providing our services to you, we collect certain non-personal and personal data about you. Our policy is to keep this information confidential and strictly safeguarded, and to use or disclose it only as needed to provide services to you, or as permitted or required by the Data Protection Legislation.

    There are two categories of information we collect. We collect a variety of information from our users and visitors to our website. As described below, some information is automatically collected when you visit our website, and some you provide to us when filling out a form or communicating with us.

    1. Information Collected Automatically: Whenever you visit our website, our web servers automatically collect non-personal information such as the domain name of the internet access provider, the internet protocol address used to connect the computer to the internet, the average time spent on our website, pages viewed, information searched for, access times, and other relevant statistics.
    2. Information You Provide Us: If you provide us with personal information, by contacting us, or subscribing to our services we collect the following personal information:
      1. Username and password;
      2. Contact information;
      3. Information concerning your identity e.g., a valid government-issued identity card and your nationality;
      4. Business information: e.g. business address, business contact information, information about your services and business such as the nature of services provided, description of services, duration and prices, business hours, payment preferences, cancellation fee, and pictures you choose to publish through the Service;
      5. Financial information; and
      6. Any other information you provide to us or direct us to collect.
    3. Other information which may be automatically collected from you when you visit our website include domain name of your internet service provider, the internet protocol address used to connect the computer to the internet, the average time spent on our website, pages viewed, information searched for, access times, your geographical location, operating system, referral source, and other relevant statistics.

  5. Using Your Personal Data

    1. We primarily collect your personal data to ensure that we provide the most efficient service to you, monitor the use and improve our website and other legitimate interests. Your information will solely be used and disclosed for the following purposes:
      1. To help us verify your identity,
      2. To carry out our obligations ensuing from any contracts entered into between you and us,
      3. To provide you with the products, services and information you request from us, including sharing your information with third parties where we have legal basis to do so,
      4. To assist you with enquiries and improve our customer service,
      5. To allow us to communicate with you in any way (including e-mail, telephone, and text or multimedia messages),
      6. For our billing and account purposes,
      7. To help prevent and detect fraud or loss,
      8. To update our records,
      9. To send you service or support messages, such as updates, security alerts, email notifications and /or newsletters,
      10. To conduct investigations and risk assessments, and
      11. For compliance with legal and regulatory obligations.
    2. Employees, agents, contractors, or other parties working on behalf of OmniPay shall collect your personal data only to the extent required for the performance of their job duties and only in accordance with this policy. Excessive personal data shall not be collected.
    3. Employees, agents, contractors, or other parties working on behalf of OmniPay shall process your personal data only when the performance of their job duties requires it. Your personal data held by OmniPay cannot be processed for any unrelated reasons.

  6. Data Accuracy

    Your personal data must be accurate and kept up to date. In this regard, OmniPay shall ensure that any data it collects and/or processes is accurate and not misleading in a way that could be harmful to you; make efforts to keep your personal data updated where reasonable and applicable; and make timely efforts to correct or erase your personal data when inaccuracies are discovered.

  7. Data Retention

    We will retain your information for as long as your account is active or as needed to provide you with our services, comply with our legal and statutory obligations or verify your information with a financial institution.

    OmniPay is statutory obligated to retain the data you provide us with in order to process transactions, ensure settlements, make refunds, identify fraud and in compliance with laws and regulatory guidelines applicable to us, our banking providers and credit card processors. Therefore, even after closing your OmniPay account, we will retain certain data in order to comply with these obligations.

    OmniPay shall not keep personal data for any longer than is necessary in light of the purpose or purposes for which that personal data was originally collected, held, and processed.  In the case of your financial data, the purpose for which the data was collected is to provide you with our services. Unless OmniPay is statutory bound to retain for a longer period of time or receives a valid request to erase your data, the data is retained for [insert length of time] after you actively stop using our services or products. This allows your record to be maintained.

  8. Other Information We Collect

    We may also collect information from you using cookies and other analytical tools especially when you use our products and services.

    We may collect information about you or others from our affiliates or from third-party sources. For example, we may, in our sole discretion, ask for and collect supplemental information from non-affiliated parties, such as information to verify your identity or information for other fraud or safety protection purposes, to the extent permitted by law. We may combine information collected from you through the Services with information obtained from third parties and information derived from other products or services we offer.

  9. Data Confidentiality

    Your information is regarded as confidential and will not be divulged to any third party, except under legal and/or regulatory conditions. You have the right to request copies of any and all information we keep on you, if such requests are made in compliance with applicable laws and other relevant enactments. While we are responsible for safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as non-sharing of passwords and other platform login details, adherence with physical security protocols on our premises, dealing with only authorised officers of OmniPay.

  10. Disclosures

    1. We will not sell, publish, or disclose to third parties your personal data collected on our website, through our servers or otherwise obtained by us, other than to provide our services and as set forth in this policy. We may share generic aggregated demographic information not linked to any Personal Data regarding visitors and users with our business partners, trusted affiliates, professional advisers and advertisers for the purposes outlined above. We may share your information with these third parties for those limited purposes if you have given us your permission and in compliance with the Data Protection Legislation.
    2. We may request and provide Personal Data about you from and to third parties to provide our services. We may share Personal Data with service providers, affiliates, partners, and other third parties where it is necessary to provide the products and services, or for any other purposes described in this Privacy Policy.
    3. Your Personal Data may be provided as necessary to the following categories of recipients: security, insurance, professional advisory (including legal, accounting and auditing advice), banking, payment processing, facilitating credit arrangements, credit reporting, fraud checks, data storage, information processing, order tracking, marketing, online communications technology services, and other trusted third parties with whom we have an agreement for the protection of your information, or government/regulatory/law enforcement agencies pursuant to legally binding order.
    4. We will notify you as soon as we become aware of a harmful data breach which may result in a risk of your rights and freedom.
    5. You have the right to request an erasure of your data at any time.
    6. We will notify you if we are transferring your data.
    7. You may request at any time that we halt further dissemination of your data or cease to use your data.
    8. If you submit content in a public forum or a social media post, or use a similar feature on our website, that content is publicly visible.
    9. We may disclose Personally Identifiable Information if required to do so by law or in the good faith belief that such action is necessary to (a) conform with the requirements of the law or comply with legal process served on us, or (b) act in urgent circumstances to protect the personal safety of users of our service or members of the public.
    10. To the extent practicable and legally permitted, we will attempt to advise you prior to any such disclosure, so that you may seek a protective order or other relief limiting such disclosure.

  11. Transfer of Personal Data

    1. Third Party Processor

We may engage the services of third parties in order to process your personal data. The processing by such third parties shall be governed by a written contract with OmniPay to ensure adequate protection and security measures are put in place by the third party for the protection of your personal data in accordance with the terms of this policy and the Data Protection Legislation.