PRIVACY POLICY

This Privacy Policy applies to the website(s) and mobile applications (together, the "Sites") provided by TeamApt Limited, a company incorporated in Nigeria and registered office at 12 Wole Ariyo, Lekki Phase 1, Lagos State, and/or the other Products of the TeamApt Limited ("TeamApt", “we”, “us”) who act as data controllers with respect to the personal data you share with TeamApt under this Policy.

The Sites include www.teamapt.com and additional websites or mobile applications produced and managed by TeamApt. Please note that this Privacy Policy also apply to the following websites:

  • MoniePoint Agency Banking - (www.moniepoint.com), which is accessible from the www.teamapt.com site; and
  • Monnify - (www.monnify.com), which is also accessible from the www.teamapt.com site

TeamApt knows that your privacy is important to you and takes user privacy very seriously. We are committed to protecting your personal data (i.e. any information you provide to us from which you can be identified) in accordance with this Privacy Policy and in compliance with the Nigeria Data Protection Regulation (NDPR) 2019.

TeamApt reserves the right, at its sole discretion, to alter and update this Privacy Policy from time to time. We therefore invite you to review the current version of the Privacy Policy each time you return to our Sites.

TeamApt’s products and services are not designed to appeal to or not available to, persons under the age of 18. Therefore, TeamApt does not knowingly attempt to solicit or receive any information from anyone under the age of 18.

LAWFUL BASES OF PROCESSING

Under the Nigeria Data Protection Regulation (NDPR) 2019, TeamApt must have legal bases in order to process your personal data. The legal bases on which TeamApt may process your data are:

  • Consent: where you have consented for us to process your personal data for one or more specific reasons
  • Performance of a contract: in order to perform a contract we have with you
  • Legal obligation: where processing of the data is required by law. We are also required by law to retain certain information of those that register to open an account with us and the data of customers beyond the date when they cease to be our customers
  • Legitimate interest: in order to carry on the purposes of TeamApt’s business. We also have a legitimate interest in preventing fraud and money laundering and to verify identity, in order to protect our business and our customers; in order to understand how people interact with our website; to provide communication which we think will be of interest to you; to determine the effectiveness of promotional campaigns and advertising

INFORMATION WE MAY COLLECT FROM YOU

TeamApt may need to collect information about you and your computer to allow you to use some of our services. These personal information may include:

  • Identity data: First name, middle name, last name, email, marital status, title, date of birth and gender.
  • Contact data: billing address and telephone numbers.
  • Financial data: bank account, BVN and payment card details.
  • Transaction data: details about payments to and from you and other details of products and services you have subscribed to.
  • Technical data: internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
  • Profile data: your username and password, your interests, preferences, feedback and survey responses.
  • Usage data: information about how you use our website, products and services.
  • Marketing and communications data: your preferences in receiving marketing from us and our third parties and your communication preferences.

How We Collect Your Personal Information:

  • Direct Engagement: when you register or log on to the website or when you choose to use an available TeamApt service via the website, mobile app, including when you fill out forms, transfer any policies into our agency, upload any documentation, send TeamApt any communication by email, phone or post, make an enquiry, or any other communication that TeamApt receives directly or indirectly from you.
  • When you browse the TeamApt website: information relating to your browsing patterns and technical data about the equipment you are using to access the website is automatically collected using cookies, server logs and other similar technologies. You can select your preference from the cookies settings on any of our websites
  • Automatically: As you browse our websites certain information relating to your browsing patterns and technical data about the equipment you are using to access the website is automatically collected using cookies, server logs and other similar technologies. Please see our Cookie preference for further information.
  • From third parties/public sources:
    • technical data may be obtained from the following parties:
      • analytics providers
      • advertising networks
      • search information providers
    • Contact, financial and transaction data may be obtained from providers of technical, payment, credit referencing, and delivery services based both inside and outside the EU.
    • We utilise third-party service providers to secure information related to financial crime, fraud, sanctions and Politically Exposed Persons.

HOW WE USE YOUR PERSONAL DATA

TeamApt may use your personal data for the following purposes:

  • To provide the requested services to you;
  • To monitor traffic patterns and usage of the website to help to improve the website design and layout;
  • To record and store communications made via phone, Skype or the website chat function;
  • To personalise your experience on our websites or communications/advertising;
  • To provide customer service, including to respond to your enquiries and fulfil any of your requests for information;
  • To send you important information regarding the TeamApt services and/or other technical notices, updates, security alerts, and support and administrative messages; and
  • As TeamApt believes to be necessary or appropriate:
    • To comply with a legal obligation. This applies where the processing is necessary for TeamApt to comply with the law;
    • To enforce or apply this Privacy Policy; and
    • To protect TeamApt’s legitimate interests, privacy, property or safety, and/or those of a third party and your rights do not override those interests.

Fraud

We process your personal data on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. Such processing is also a contractual requirement of the services you have requested.

We may carry out fraud prevention checks using fraud prevention databases. If false or inaccurate information is provided, and/or fraud is identified, details will be passed to Central Bank of Nigeria and the Economic and Financial Crimes Commission. Law enforcement agencies may access and use this information.

RETENTION OF YOUR DATA

TeamApt will not retain your personal data for longer than is necessary for the purposes for which the personal data is processed. This means that your data will only be retained for as long as it is still required to provide you with services or is necessary for legal reasons. When calculating the appropriate retention period for your data TeamApt considers the nature and sensitivity of the data, the purposes for which TeamApt is processing the data and any applicable statutory retention periods. Using these criteria, TeamApt regularly reviews the personal data which we hold and the purposes for which it is held and processed. Our Payment Card Industry Data Security Standard requirements mean that we are obliged to retain data for a minimum of 10 years from the end of our business relationship with you. 

When TeamApt determines that personal data can no longer be retained (or where you request TeamApt to delete your data in accordance with your right to do so as contained in the Nigeria Data Protection Regulation (NDPR) 2019, TeamApt ensures that this data is securely deleted, anonymised or destroyed.

However, please note that, in some circumstances TeamApt may decide to retain your personal data for research or statistical purposes and, in such circumstances, TeamApt will anonymise your data before retaining it.

Type of data Retention Period Disposal Process
Electronic storage on database  10 years  

(regulatory reasons)

Programmatic (automatic) process to remove, at least on a quarterly basis, data that exceeds business retention requirements/r/reviews conducted at least on a quarterly basis
Hardcopy data (receipts/faxes) 10 years   Cross-cut shredded/incinerated, pulped
Hard drives (back-up) 10 years  Secure wipe program/degauss
Tape Media (back-up) 10 years  Physically destroy
System and network logs 1 years 
  • On at least a quarterly basis, the organization systematically removes and destroys all cardholder data that has exceeded its retention period, and to review and ensure remaining stored cardholder data to ensure that it remains within the formal retention requirements. 
  • Wherever the PAN is stored, whether electronic or on paper, it is masked. The first six and last four digits are the maximum number of digits that may be displayed. Certain members of the Operations and Service Delivery units have a legitimate business need when dealing with customer/cardholder enquires to access the PAN. 
  • Wherever the PAN is stored (including in logs, removable media, etc), it is made unreadable by means of one way hashes. 
  • Cardholder data is never stored on removable media.  
  • When removable physical storage media (including documents, faxes, and electronic media) are no longer required (i.e. they have passed their retention periods), they are destroyed as set out in physical security policy.

ACCURACY OF YOUR DATA

It is important that the personal data TeamApt holds about you is accurate and current. Please keep TeamApt informed if your personal data changes during your relationship with us. With our customer facing products, you can update your personal data or contact our Data Protection Officer when you want to exercise your right to Rectification at dpo@teamapt.com.

SECURITY OF YOUR DATA

In order to protect your personal data, TeamApt has appropriate organisational and technical security measures. These measures include storing data on a dedicated and secure server with at least 256-bit encryption, restricting access to your personal data to certain employees, ensuring the TeamApt internal IT systems are suitably secure, and implementing procedures to deal with any suspected data breach.

In the unlikely event of a data breach, TeamApt will take steps to mitigate any loss or destruction of data and, if appropriate, will notify you and any applicable authority of such a breach.

DATA TRANSFERS AND SHARING

TeamApt may need to pass your information to third party service providers which maintain, administer or develop the website on our behalf and the information will only be provided for such limited purposes and as detailed below. In addition, TeamApt may provide aggregate statistics about its customers, sales, traffic patterns and related website information to reputable third-parties, but these statistics will include no personally identifiable information.

TeamApt may transfer your personal data to third parties of the following types:

  • companies providing identity or financial validation services;
  • financial product providers;
  • Payment services companies acting on your, or our behalf;
  • banks;
  • companies providing analytics services;
  • data, service and software providers;
  • companies collecting and publicising customer reviews;
  • marketing services companies;
  • Regulatory and law enforcement bodies.

The security of your data is important to us and TeamApt will therefore, only transfer your data to such third parties if one or more of the following apply:

  • you have expressly consented to your data being shared with specific third parties;
  • the third party needs to access the personal data for the purposes of providing any contracted services to you;
  • the third party has agreed to comply with TeamApt’s instructions, NDPR 2019, required data security standards, policies, and procedures and put adequate security measures in place;

As at the last update to this Privacy Policy, TeamApt does not share data with any Organisation(s) outside Nigeria.

YOUR RIGHTS AS A DATA SUBJECT

Your personal data is protected by legal rights as stated in the Nigeria Data Protection Regulation (NDPR) 2019. These rights include: 

  • Right to rectification: you have the right to require us to correct any inaccuracies in your data.
  • Right to erasure: you have the right to require us to delete your data, subject to certain legal requirements.
  • Right to restriction of processing: you have the right to require us to restrict the way in which we process your personal data. You may wish to restrict processing if, for example:
    • You contest the accuracy of the data and wish to have it corrected;
    • You object to processing but we are required to retain the data for reasons of public interest; or
    • as a customer, you do not wish to receive marketing communication.
  • Right to data portability: you have the right to obtain from us easily and securely the personal data we hold on you for any purpose you see fit.
  • Right to object to processing: you have the right to require us to stop processing your personal data should you wish the data to be retained but no longer processed. Please be aware that this may prevent us from continuing to provide services to you.
  • Right of access: you have the right to request access to personal data that we may process about you.
  • Right to withdraw consent: you have the right at any time to withdraw consent allowing us to process your personal data. This will not affect the legality of any processing prior to the date of such withdrawal.

If you would like to exercise any of the above rights, please:

  • put your request in writing and send it to us through your usual registered channel (e.g. registered e-mail);
  • specify the right you wish to exercise.
  • You can also access the Data Subject Access Request (DSAR) portal on our webste

For more information or to exercise your data protection rights please, please contact our Data Protection Officer at: dpo@teamapt.com.

TeamApt will endeavour to process all subject access requests within 30 days and if any further extension is required, we will communicate same through existing consented channels – at no cost. However, please note that you may continue to receive existing communications for a transitional period whilst we update your preferences.

JOB APPLICANTS

If you apply for a job at TeamApt, you will be asked to submit information to TeamApt such as your name, contact details, information about your education and work history and any other background information that might be relevant for your application or that you choose to share with TeamApt. If you do not provide this information to us, we might not be able to process your application.

TeamApt will use this information to assess your application and candidacy for the position to which you have applied. Without limiting the generality of the foregoing, this may include:

  • Evaluating your skills and experience in relation to the qualification required for the job to which you have applied; and
  • Tracking feedback and interactions we have with you throughout the recruiting process. We may also use your information when analyzing our internal recruiting processes to determine:
    • Which recruit sources to focus on;
    • How to improve integration and training programs for new hires with different educational backgrounds and work experience; and
    • How to enhance our interview model to improve hiring quality.

The information you provide may also be used to communicate with you about TeamApt events and to send you publications that we think may be of interest to you.

We might share your personal data with other companies in the TeamApt group as well as with third parties such as recruitment service providers, background check providers and IT system providers. These TeamApt companies and third parties might be located in a different country than your country of residence.

We will keep your application data for up to 1 year. If you no longer wish for TeamApt to process your data or if you wish to exercise your rights, please contact hr@teamapt.com.

UPDATES TO THE PRIVACY POLICY

We are constantly trying to improve our Websites and Services, so we may need to change this Privacy Policy from time to time as well. We will alert you to material changes by, for example, placing a notice on our Websites and/or by sending you an email (if you have registered your e-mail details with us) when we are required to do so by applicable law. We reserve the right to update this Privacy Policy from time to time. Our updated terms will also be displayed on our websites (www.teamapt.com, www.moniepoint.com, www.monnify.com). It is your responsibility to check this Privacy Policy from time to time to verify such updates.

If you believe at any time that we have not handled your data in accordance with this Policy you should contact the Data Protection Officer. You may also contact the National Information Technology Development Agency (NITDA) at: dpo@nitda.gov.ng.

We have appointed a data protection officer (DPO) who is responsible for dealing with any such concerns, in addition to overseeing questions in relation to this Privacy Policy and handling requests in relation to the exercise of your rights. If you have any concerns or questions, please contact the Data Protection Officer using the details set out below.

CONTACT

Data Controller

Teamapt Limited

12, Wole Ariyo, Lekki Phase 1, Lagos, Nigeria

(234) 1 631 6270

info@teamapt.com

If you have any questions, comments and requests regarding your privacy and rights, please let us know how we can help:

Data Protection Officer

dpo@teamapt.com