Privacy Policy

Revision Date: March 11, 2025

Introduction

This Privacy Notice explains how Nomba Financial Service Limited (“Nomba”, “we” and “us”) collects, uses, disclose, transmit, share, erase and otherwise handle your data and personal information when you visit our website or APP or sign up for a Nomba Account (collectively referred to as “Services”).

You accept this Privacy Policy and hereby give Nomba consent to save, process and use your Personal Data to the extent as allowed by law when you provide us with details of your Personal Data or by clicking on the “accept” button. You have the right to withdraw your consent at any time, provided that we do not have another legal basis to keep processing your Personal Data.

We may change this Privacy Policy from time to time. If we make changes, we will notify you by revising the date at the top of this policy, and in some cases, we may provide you with additional notice (such as by adding a statement to the homepages of our website or mobile application or by sending you an email notification).
We encourage you to review the Privacy Policy whenever you interact with us to stay informed about our information practices and the ways you can help protect your privacy.

What Data Do We Collect

We may collect and process the following information about you:

  • Information about you that is personally identifiable like your name, address, email address, phone number, date of birth, BVN, gender, debit card details, bank information and other information we deem necessary and not otherwise publicly available. This information is obtained from a variety of sources, such as: website visits, applications, identification documents, personal financial statements, interactions with relationship managers, and other third parties (credit bureaus, payment gateways, other financial institutions) and other written or electronic communication reflecting information about you.

  • We may also collect and use your transactional account history including your account balance, payment records, and debit/credit card usage.

  • We may also collect and use information received from third parties such as family, solicitors, friends or employers, website/ social media pages made public by you, government agencies, regulators, supervisory or credit agencies.

  • Information that you provide to us, for example when you fill out a contact or web form, or if you register to receive alerts or updates.

  • When you provide your Personal Data while signing up for a service or purchasing a product.

  • Personal Data that we obtain or learn, such as information about the browser or device you use to access this site, how you use this site and the pages you visit, traffic and location data.

  • When you contact our customer support whether by phone, email, or chat

    • How Do We Collect Your Data

    You directly provide Nomba with most of the data we collect. We collect and process data when you register and activate a Nomba Wallet on the Nomba Service (s), use or view our website via your browser’s cookies. Information about your computer hardware and software i.e., your internet protocol address, browser type, operating system, domain name, access time and date and other technical information about your means of connection to the Nomba Service (s) is automatically collected

    How Will We Use Your Data

    We may use your Personal Data, including non-public Personal Data as follows:

  • We use the information to process your registration, fulfill your service order maintain the quality of our service, generate statistics about our Nomba Service (s) visitors, facilitate payment in respect of services rendered to you, customize and improve the content of our Nomba Service (s), fulfill any other request you have made, conduct research and generally enhance our service delivery to you.

  • The information collected is also used to prepare reports for our internal use and for our current or potential partners e.g., investors, sponsors, advertisers and other potential Users.

  • Verify your identity and prevent fraud.

  • Send you technical notices, updates, security alerts and support and administrative messages..

  • Carry out any other purpose for which the Personal Data was collected.

  • Communicate information about special features of the Nomba Service (s) or any other service we think may be of interest to you. Occasionally, we might want to provide you with related information from third parties we think may be of interest to you. Your information could also be provided to selected third parties, our affiliates or subsidiaries whose services we believe may be of interest to you. If you do not wish to receive these kinds of communications, you can opt out by unchecking the appropriate announcement boxes during registration or on the user profile page on the Nomba Service. Alternatively, you can send an email to [email protected].

  • We sometimes hire other companies to provide services on our behalf e.g., performing statistical analysis of our service etc. These companies may use your personal information and or communicate with you. We will only provide those companies with the information necessary to provide us with such services and we shall prohibit them from using that information for any other purpose.

  • We reserve the right to disclose information about you or your use of the Nomba Service (s) in compliance with any legal process (i.e., any statutory demand, subpoena, warrant or court order) to protect against fraudulent, abusive, unlawful use of the Nomba Service (s), to protect our rights or property, to defend the personal safety of Users or when we believe in good faith that a situation involving danger or injury to any person requires disclosure.

    • We shall not sell, share or offer information about you with third parties except in the manner described in this policy. Nomba is based in Nigeria and the information we collect is governed by the Nigeria Data Protection Act (NDPA) and Regulations made thereto and Nigeria Data Protection Regulation (NDPR) as well as other regulations made hereunder; (together “Nigeria Data Protection Laws"). By accessing or using the Services or otherwise providing information to us,you consent to the processing and transfer of information in and to Nigeria and Europe.

    Collection and Use of Face Data

  • Information Collected: We use the TrueDepth API to capture 3D spatial orientation and facial expressions

  • Purpose of Collection: This data is used to ensure the selfie being taken is of a live user, for authentication, and to reduce fraud.

  • Data Sharing: The ARKit information is processed entirely locally on the device and is not shared with any third parties

  • Data Storage: The facial data collected through the TrueDepth API is stored locally on the user’s device and is not transmitted to our servers or any third-party servers.

    • Information From Other Sources

    We sometimes supplement the information that we receive on the Nomba Service (s) with information from other sources. Such outside sources include information from third parties which enable us to reconcile our accounts, search results, links and paid listings which we use to help prevent and detect fraud.

    Disclosure of Information

    Nomba only discloses Personal Data with other companies or individuals in the following limited circumstances:

  • We may provide such Personal Data to affiliated companies or other trusted businesses or persons for the purpose of processing Personal Data on our behalf. We require that these parties agree to process such Personal Data based on our instructions and in compliance with the Nigerian Data Protection Laws and any other appropriate confidentiality and security measures. When they no longer need your Personal Data to fulfil this service, they will dispose of the details in line with the Nigerian Data Protection Laws.

  • We may provide such Personal Data to affiliated companies or other trusted businesses or persons for the purpose of processing Personal Data on our behalf. We require that these parties agree to process such Personal Data based on our instructions and in compliance with the Nigerian Data Protection Laws and any other appropriate confidentiality and security measures. When they no longer need your Personal Data to fulfil this service, they will dispose of the details in line with the Nigerian Data Protection Laws.

  • With other third-parties such as email service providers that perform marketing services on Nomba’s behalf.

  • With other non-affiliated companies for our everyday business purposes, such as to process transactions, maintain accounts, respond to court orders and legal investigations.

  • In response to a request for Personal Data, if we are required by, or we believe disclosure is in accordance with, any applicable law, regulation or legal process.

  • With relevant law enforcement officials or other third parties, such as investigators or auditors, if we believe it is appropriate.

  • In connection with, or during negotiations of, any merger, sale of Nomba’s assets, financing or acquisition of all or a portion of our business to another company; and

  • With your consent or at your direction, including if we notify you that the Personal Data you provide will be shared in a particular manner and you provide such Personal Data.

  • We may also share aggregated or de-identified or anonymized Information, which cannot reasonably be used to identify you.

    • When Nomba does not have a lawful basis for disclosure of your Personal Data, Nomba will obtain consent from you before sharing your Personal Data with third parties. Where Nomba need to transfer your Personal Data to another country, such country must have an adequate data protection law. We will seek your consent where we need to send your Personal Data to a country without an adequate data protection law.

    What are Your Data Protection Rights

    Nomba would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

  • The right to access - You have the right to request Nomba for copies of your personal data. We will respond to your access request within one-month of receiving your request. Where we are not able to provide this personal data to you within the One-Month timeline provided by the Nigerian Data Protection Laws, we will communicate same to you, and may request an additional time within which we will provide the information to you. Your Personal Data shall be provided to you in a structured, commonly used and machine-readable format. We may charge you a small fee for this service.

  • The right to rectification - You have the right to request that Nomba correct any information you believe is inaccurate. You also have the right to request Nomba to complete information you believe is incomplete.

  • The right to erasure — You have the right to request that Nomba erase your personal data, under certain conditions.

  • The right to restrict processing - You have the right to request that Nomba restrict the processing of your personal data, under certain conditions

  • The right to object to processing - You have the right to object to Nomba’s processing of your personal data, under certain conditions.

  • The right to data portability - You have the right to request that Nomba transfer the data that we have collected to another organization, or directly to you, under certain conditions.

  • The right to lodge complaint – You have a right to lodge a complaint about the handling of your Personal Data with the Nigeria Data Protection Commission (NDPC) at https://ndpc.gov.ng/

    • How Long We Keep Your Personal Data

    We will hold your Personal Data on Nomba systems for as long as it is necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.

    What are Cookies

    Cookies are small text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

    How Do We Use Cookies

    Nomba uses cookies in a range of ways to improve your experience on our website, including:

  • Keeping you signed in and making your online experience more individualized

  • Understanding how you use our website and for your convenience, help you save time when next you visit.

    • How To Manage Cookies

    You have the ability to decline cookies by modifying your browser settings. If you opt out of receiving cookies, you may not be able to fully experience the interactive features of the Nomba Service (s).

    Links - Privacy Policies of Other Websites

    Nomba website may contain links to other websites. This privacy policy Nomba Service (s)lies only to our website, so if you click on a link to another website, we encourage you to read their privacy policy.

    Communities and Forums

    Any personally identifiable information that you disclose through any message boards, chats windows on this Nomba Service (s) may be collected and used by others. We recommend caution when giving out information to others.

    Security Commitment

    We are a PCI-DSS and ISO-2700 certified company. We employ appropriate technical and organizational security measures to prevent unauthorized access to information that we collect online. We have also taken measures to comply with provision of security facilities for the protection of your Personal Data through the set-up of firewalls, limited access to specified authorized individuals, encryption and continuous capacity building for relevant personnel. We therefore have digital and physical security measures to limit and eliminate possibilities of data privacy breach incidents]. In the unlikely event of such an occurrence; if we determine that such a breach poses a threat to your rights and freedoms and a data owner? We will notify you of the breach and all steps we have taken to ensure that your information remains secure and private.

    You are required by Governing Regulations and best practice standards to implement and maintain an accurate record of Our end users, and transactions. Please note that as a User with Nomba, you are bound by the rules of the National Information Technology Development Agency (NITDA) and will be held to account on all points of compliance with this regulation including without limit, the implementation and maintenance of appropriate security measures.

    Access and Control of Information

    You can access, edit and delete some information that we collect and process about you. For example, you can edit and update personally identifiable information including your name, email address, phone number etc. We want to ensure that your personal information is accurate and up to date. If the information that you have provided changes i.e., your email address, name or other personally identifiable information, please let us know or forward the correct details by sending an email to [email protected], we may correct any information that we think is inaccurate

    Occasionally, we may choose to send emails concerning Nomba Service (s) disruptions, new products and other news about our Nomba Service (s) to registered Users and are not subscription based. Such emails are considered a part of our Nomba Service (s)’s services to Users. You can decide to opt out of this notification at any time by notifying us via an email to [email protected]

    Business or Asset Transfer or Sale

    We may choose to acquire, or sell business assets of our business or merge with another business. In such transactions, information obtained from you is generally one of the transferred business assets. In the event of such transfer, we will make reasonable efforts to provide notice on the Nomba Service (s) and to notify you of any change in ownership or control of your personal information. Any casual inadvertence in providing such notification shall be considered a breach of our obligation under the policy.

    Where We Store Your Personal Data

    The Personal Data Nomba collects from you may be transferred to and stored at a destination outside Nigeria. By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely with an appropriate level of protection and that the transfer is lawful.

    Breach / Privacy Violation

    In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, Nomba shall within 72 (Seventy-Two) hours of having knowledge of such breach report the details of the breach to the Commission.

    Furthermore, where we ascertain that such breach is detrimental to your rights and freedoms in relation to your Personal Data, we shall within 7 (Seven) days of having knowledge of the occurrence of such breach take steps to inform you of the breach incident, the risk to your rights and freedoms resulting from such breach and any course of action to remedy said breach.

    Conditions of Use

    By registering on the Nomba Service (s), you signify your acceptance of this policy and the Nomba Service (s)’s Terms and Conditions of Use. If you do not agree to this policy, please do not use the Nomba Service (s). By submitting your personal information, you consent to the use of that information as set out in this policy. You confirm that you have the consent to provide any information you have furnished on the Nomba Service (s). Your continued use of the Nomba Service (s) following the posting of changes to this policy will be deemed your acceptance of those changes.

    Nomba Service (s) ACCESS

    In order to access the Nomba Service (s) and all its features, you must register and activate a Nomba account, which will provide you with full access to the Nomba Service (s).

    Children under the age of 18 are not permitted to register or use the Nomba Service (s) or any functionality contained on it.

    How To Contact Us

    If you have any questions about Nomba’s privacy policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact Nomba Data Protection officer via [email protected].
    You can also reach us via email to: [email protected]

    Get a free Nomba
    account

    Change how you spend, manage and save money
    Google Play App Store

    Nomba Financial Services Limited

    (Licensed by the Central Bank of Nigeria)

    Flag Nigeria
    Nigeria

    16 Billings Way Oregun Ikeja, Lagos, Nigeria

    19b Bosun Adekoya Street, Lekki Phase 1, Lagos, Nigeria

    Flag US
    United States

    580 California St, 12th Floor, San Francisco, CA 94104

    © 2025 Nomba, all rights reserved