Privacy Policy

Effective Date: June 15, 2025

1. Scope

This policy applies to all users of the Laskad mobile application and web platform. By using our services, you consent to the practices described in this policy.

2. What Information We Collect

We may collect the following categories of personal information from you:

  • Identity Information: Full name, phone number, and Bank Verification Number (BVN). Your BVN is verified securely via our partner bank and is not retained by Laskad after verification.
  • Contact Information: Phone number, email address (if applicable).
  • Transaction Data: Payment history, airtime/data purchases, bill payments, and wallet funding activities.
  • Device and Platform Info: WhatsApp user ID, device type (for troubleshooting and analytics).
  • KYC/Verification Data: Provided via our regulated partners (e.g., BVN verification, account setup). BVN is processed securely via our banking partner and not stored on our systems after verification.

3. Legal Basis for Processing

We process your data lawfully under the following bases:

  • Contractual necessity: to provide you with Laskad’s services.
  • Regulatory compliance: especially with CBN, NDIC, and AML requirements.
  • Consent: You give us permission to process your data by tapping “I consent” during onboarding.
  • Legal Obligation: For identity verification and compliance with Anti-Money Laundering (AML) and Know-Your-Customer (KYC) requirements.
  • Legitimate Interest: For providing secure and efficient services through our partners.

4. How We Use Your Information

We use your information to:

  • Create and verify your financial account via Safe Haven Microfinance Bank.
  • Process payments and display your transaction history.
  • Provide customer support and resolve disputes.
  • Improve our platform’s security and performance.
  • Fulfill legal obligations (e.g. fraud detection, AML reporting).

5. Data Sharing

We share your data only with regulated partners who provide critical services:

  • a. Safe Haven Microfinance Bank: For account creation, identity verification, and financial transaction processing. Safeguards: Licensed by the Central Bank of Nigeria (CBN), audited annually by NDIC.
  • b. Lint Technologies: For biometric and document verification, fraud screening, and secure transaction routing. Safeguards: ISO 27001 certified; governed by NDPR-aligned Data Processing Agreements (DPAs).
  • c. Regulators and Law Enforcement: Only in response to legal obligations, valid court orders, or lawful regulatory directives.

6. Data Security

We maintain strong technical and organizational measures to secure your data, including:

  • AES-256 encryption in transit and at rest
  • Role-based access controls
  • Annual penetration testing
  • Secure storage of authentication credentials
  • Data Processing Agreements (DPAs) with third-party vendors

7. Data Retention

We retain data only as long as necessary:

  • BVN: Automatically deleted 48 hours after verification.
  • Transaction Data: Retained for 7 years, per financial recordkeeping laws.
  • Inactive Users: Personal data is deleted after 2 years of inactivity, unless required by law to retain it longer.

8. Your Data Rights

Under the NDPR, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Withdraw consent at any time
  • Request deletion of your data (subject to regulatory retention obligations)

To exercise your rights, please email: privacy@laskad.app

9. Breach Notification

In the unlikely event of a breach affecting your data, we will:

  • Notify NDPB within 72 hours of qualifying breaches
  • Alert affected users via SMS/WhatsApp
  • Publish remediation steps on our website

10. Policy Updates

We may update this Privacy Policy periodically. We will notify you via the app or your registered email address. Continued use after updates means you accept the revised terms.