1. Introduction

Mayden Microfinance Bank Limited is a financial institution licensed by the Central Bank of Nigeria (CBN) to provide banking services to individuals, small and medium-sized enterprises (SMEs), and corporate clients. Our services are accessible at our Head Office and through digital platforms including internet and mobile banking.

Customers and potential customers can engage with our services through these platforms and our website.

By opening an account, subscribing to our products, or using our services---whether at our office or online---you provide personal identifiable information (PII) to us.

This document outlines the Bank's policies regarding the collection, use, storage, transmission, disclosure, and destruction of personal information.

The Privacy Policy is available both on our website and at our office. We strongly encourage you to read it carefully before using our services.

By opening an account or using any of our services, you consent to the processing of your personal data in accordance with this policy.

Unless stated otherwise, terms used in this Privacy Policy have the same meanings as those in our Terms and Conditions.

2. Information We Collect

2.1. Information You Provide Directly

We collect the following information when you interact with our services:

• Full name
• Phone number and email address
• Home and business address
• Date of birth
• Gender and occupation
• Means of identification (e.g., National ID, Passport, Driver's License)
• Bank Verification Number (BVN)
• Passport photo
• Signature
• Employment and income details
• Preferences related to loans or savings

2.2. Financial and Transactional Information

• Bank account details
• Transaction history (credits and debits)
• Loan applications and repayment records
• Debit card usage
• Wallet activity

2.3. Cookies and Tracking

Cookies are used on our website/app to track behaviour, personalize your experience, and improve services. You can disable cookies via your browser settings.

3. How We Use Your Information

We process your data to:

• Open and manage your account
• Deliver financial products and services
• Verify identity (KYC/AML compliance)
• Assess creditworthiness and process loan applications
• Handle fund transfers, deposits, and withdrawals
• Send alerts and service updates
• Share educational materials, offers, or promotions
• Improve our platforms and detect fraud
• Fulfill legal and regulatory obligations

4. Legal Basis for Processing Your Data

We process data based on:

• Consent -- When you voluntarily provide data or opt in
• Contract -- To meet obligations for account and loan management
• Legal Obligation -- In compliance with CBN, NDIC, EFCC, NDPC, etc.
• Legitimate Interest -- For improving services, fraud prevention, and analytics

5. Data Sharing and Disclosure

We do not sell or trade your personal data. Your information may be shared under strict confidentiality with:

• Regulatory agencies (CBN, NDIC, EFCC, NDPC, etc.)
• Licensed credit bureaus
• Payment processors (e.g., Interswitch, Flutterwave)
• Core banking and tech vendors (e.g., BankOne)
• Secure cloud and infrastructure providers
• Legal/compliance partners
• Law enforcement when required by law

All third-party service providers must comply with strict confidentiality and security obligations.

6. Website Visitors

For website users, we may process:

• Name, contact number, email, IP address, browser data, and location

Purposes:

• Respond to inquiries (based on consent)
• Analyze website traffic
• Improve user experience

7. Data Security

We implement industry-standard safeguards to protect your data, including:

• End-to-end encryption
• Two-factor authentication
• SSL encryption on platforms
• Regular security audits and penetration tests
• Role-based internal access controls
• Staff training on data privacy

8. Data Retention

We retain personal data:

• As long as your account is active
• To comply with legal and audit obligations
• To resolve disputes or enforce agreements

Data no longer required will be securely deleted or anonymized.

9. Your Data Rights

Under NDPR and applicable laws, you have the right to:

• Access your personal data
• Request corrections to inaccurate data
• Withdraw consent for non-essential processing
• Request deletion (where applicable)
• Object to specific uses like marketing
• Lodge complaints with the Nigeria Data Protection Commission (NDPC)

To exercise these rights, contact our DPO (see Section 14).

10. Privacy Governance

Mayden MFB maintains a structured privacy framework that includes:

• Data Privacy Policy
• Personal data processing protocols
• Security procedures
• Annual privacy policy reviews
• Appointed Data Protection Officer
• Staff training on privacy practices
• Privacy compliance assurance measures

11. Children's Data

Our services are for users aged 18 and above. We do not knowingly collect personal information from minors. If identified, such data will be deleted promptly.

12. Updates to This Policy

We reserve the right to update this Privacy Policy in response to changes in our practices, laws, or technology. Users will be notified through our platforms or by email. Changes take effect upon publication.

13. Third-Party Links

Our platforms may link to external websites. We are not responsible for the privacy practices or content of third-party sites. Please review their privacy policies before interacting.

14. Contact Us