CREDICORP DATA PROTECTION & PRIVACY POLICY

Effective Date: 28th May 2025

About CREDICORP

The Nigerian Consumer Credit Corporation (CREDICORP) is a Development Finance Institution (DFI) of the Federal Government of Nigeria, established with one mandate: to democratise access to consumer credit for Nigeria's working population.

This Data Protection & Privacy Policy relates solely to the information you provide through our website, https://www.credicorp.ng, and other platforms under CREDICORP’s control. We process your personal data in compliance with the Nigeria Data Protection Act (NDPA) 2023, the NDPA General Application and Implementation Directive (GAID) 2025, the Constitution of the Federal Republic of Nigeria 1999 (as amended), and all other applicable Nigerian laws. References to GDPR are made only where relevant for international data transfer purposes.

Your Personal Information

CREDICORP collects personal information through your interactions with our website, forms, and registration portals. We are committed to safeguarding your privacy and treating your information confidentially in line with our data protection obligations.

This policy outlines how we collect, use, and protect your personal information. By providing us with your personal data, you consent to its processing as outlined in this policy.

Categories of Personal Data Collected:

  • Personal Identification Data: Name, email address, phone number, physical address, National Identification Number (NIN), Bank Verification Number (BVN), and financial information (e.g., bank account details) where applicable.
  • Sensitive Personal Data: Financial records, employment details, and other data classified as sensitive under Section 30 of the NDPA 2023. Such data will only be processed with your explicit consent or on another lawful basis permitted by the NDPA.
  • Technical Data: IP address, browser type, device information, and usage data collected automatically.
  • Cookie Data: Data collected via cookies and similar tracking technologies, subject to your consent preferences.

How We Use Your Data

  • To provide and improve our services: This is necessary to perform our contract with you, or to take steps prior to entering into a contract.
  • To communicate with you: We may send you information about products, services, and events. You may opt out at any time.
  • To comply with legal and regulatory obligations: We may process your data to meet obligations under Nigerian laws, including mandates from the Nigeria Data Protection Commission (NDPC), Central Bank of Nigeria (CBN), and others.
  • For fraud prevention and security: To ensure the integrity of our services and prevent fraudulent activities.
  • For marketing purposes: With your consent, to inform you of relevant services or updates.

Legal Basis for Processing

  • Consent: Where required, we will obtain your explicit consent for data collection and processing.
  • Contractual Necessity: For the performance of services that you have requested.
  • Legitimate Interests: To improve our services and ensure security.
  • Legal Obligation: To comply with Nigerian regulations.

Data Sharing

  • CREDICORP: Including subsidiaries and affiliates.
  • Regulatory Authorities: Such as NDPC, CBN, and other governmental bodies with jurisdiction over CREDICORP.
  • Service Providers: Third-party vendors who assist in hosting, data analysis, customer support, and payment processing. These third parties are contractually obligated to protect your data.
  • Credit Reference Agencies: For creditworthiness assessments.
  • Debt Collection Agencies: In the event of a default.
  • Business Partners: In cases of joint ventures or collaborations, under appropriate data protection agreements.

International Data Transfers

Your personal data may be transferred to and processed in countries outside Nigeria if required for the services provided by CREDICORP. In such cases, we ensure that appropriate safeguards are in place, including the use of Standard Contractual Clauses (SCCs), or by transferring data to jurisdictions recognized by the Nigeria Data Protection Commission (NDPC) as providing an adequate level of data protection. We are committed to ensuring that your data is handled securely, regardless of where it is processed.

Cookies and Tracking Technologies

When you visit our website, we use cookies to enhance your experience and provide personalized services. Cookies are small files stored on your device that help us enhance your experience and analyse usage patterns. You have the option to manage your cookie preferences, allowing you to opt-in or opt-out of the following cookie categories:

  • Strictly Necessary Cookies: Essential for website operation (e.g., security features). These cannot be disabled.
  • Performance/Analytical Cookies: These cookies allow us to analyze website traffic and optimize performance. You may opt-in or opt-out of these cookies.
  • Functionality Cookies: Used to remember your preferences (e.g., language settings). You can enable or disable these cookies.
  • Targeting/Advertising Cookies: These cookies are used to deliver relevant ads and track marketing campaigns. Explicit consent is required for these cookies.

Your Cookie Choices

You can manage your cookie preferences by clicking on the "Cookie Settings" link in the website footer, which allows you to accept or decline non-essential cookies. You may also adjust your preferences through your browser settings at any time.

At CREDICORP we use cookies to help ensure that our website functions properly. These cookies are necessary and so are set automatically. However, these cookies are optional, and you can choose which particular function you would like to accept. To do this, select 'Manage cookie settings'. If you'd like to accept all optional cookies, select 'Accept all'.

Internet Communications

To maintain the security of our systems, protect our staff, record transactions, and, in certain circumstances, prevent and detect crime or unauthorised activities, CREDICORP reserves the right to monitor internet communications, including emails sent or traffic into and out of its domains. This monitoring may include the analysis of data to ensure compliance with security policies and regulatory requirements. By using this website, you agree to these monitoring processes.

Your Rights

Under the NDPA 2023, you have the following rights, which you may exercise free of charge:

  • Right of Access: Request a copy of your personal data and information about how it is processed (Section 35, NDPA).
  • Right to Rectification: Request correction of inaccurate or incomplete personal data (Section 36, NDPA).
  • Right to Erasure (‘Right to be Forgotten’): Request deletion of your data where it is no longer necessary for the purpose for which it was collected (Section 37, NDPA).
  • Right to Restrict Processing: Request that we limit processing of your data in certain circumstances.
  • Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format, and transmit it to another data controller where technically feasible (Section 38, NDPA).
  • Right to Object: Object to processing based on legitimate interest or for direct marketing purposes (Section 39, NDPA).
  • Right Not to be Subject to Automated Decision-Making: Where a decision has significant legal or similar effects, request human review and the right to challenge the outcome (Section 34, NDPA).
  • Right to Withdraw Consent: Withdraw consent at any time without detriment, where consent is the lawful basis.
  • Right to Lodge a Complaint: File a complaint with the NDPC at www.ndpc.gov.ng if you believe your data rights have been violated

To exercise your rights, please contact our Data Protection Officer at privacy@credicorp.ng.

Data Retention

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, in compliance with legal, regulatory, or operational requirements. Once your data is no longer necessary, it will be securely deleted or anonymized.

Third-Party Links

Our website may contain links to third-party websites. CREDICORP is not responsible for the content or privacy practices of these external websites. We encourage you to review their privacy policies before providing any personal data.

Data Security

CREDICORP uses a range of security measures, including encryption and access control, to protect your personal data from unauthorized access or misuse. However, no data transmission over the internet can be guaranteed 100% secure.

Data Breach Notification

In accordance with the Nigeria Data Protection Act (NDPA 2023) and GDPR, in the event of a data breach that could compromise the security of your personal information, CREDICORP reserves the right to:

  • Notify the Nigeria Data Protection Commission (NDPC) within 72 hours of becoming aware of any breach that presents a significant risk to your rights and freedoms.
  • Notify affected users promptly, providing details of the breach and actions taken.

By using this website, you acknowledge and consent to these data breach notification practices.

Contacting You

By providing your email address, phone number, or other contact details to CREDICORP, you agree that we may contact you via these methods to:

  • Inform you of updates or changes to our services and policies.
  • Share information about products, services, and events that we believe may be of interest to you.

If you prefer not to be contacted for marketing purposes, you can opt out at any time by contacting us at support@credicorp.ng or by following the unsubscribe instructions included in our communication.

For any inquiries related to our Data Protection and Privacy Policy, or if you wish to exercise your data subject rights (e.g., access, rectification, deletion of your data), please contact our Data Protection Officer (DPO) atprivacy@credicorp.ng.

CREDICORP Terms of Use

Effective Date: 28th May 2025

By using the CREDICORP website, you agree to comply with these Terms of Use.

1. Use of the Website

You agree to use this website for lawful purposes only and in accordance with Nigerian law. You are prohibited from introducing malicious software, such as viruses or malware, or attempting unauthorised access to the website.

2. User Responsibilities

You are responsible for providing accurate, current, and complete information on the website. Failure to do so may result in suspension of your access to services.

3. Intellectual Property

All content on this website, including text, graphics, logos, and software, is the property of CREDICORP or its licensors and is protected by applicable intellectual property laws. You may not reproduce, distribute, or exploit any content without prior written consent.

4. Liability and Disclaimers

This website is provided "as is" without warranties of any kind. CREDICORP is not liable for any damages arising from the use or inability to use the website or any third-party content.

5. Third-Party Links

CREDICORP is not responsible for the content or privacy practices of external websites linked to our platform. Accessing such links is at your own risk.

6. Financial Advice Disclaimer

The content on this website does not constitute financial or professional advice. You are advised to seek independent advice from qualified professionals before making decisions based on this information. Any reliance on such content is at your own risk.

7. Governing Law

These Terms of Use are governed by the laws of the Federal Republic of Nigeria. Any disputes shall be subject to the jurisdiction of Nigerian courts.

8. Contacting You

By submitting your contact details, you agree that we may contact you via email, SMS, phone, or other communication methods for purposes such as:

  • Providing important updates regarding your interactions with our services.
  • Sending billing reminders and information about new products or services.

You may withdraw your consent at any time by contacting us at info@credicorp.ng or by following the opt-out instructions included in our communications.

For issues related to the use of our website or your rights under these Terms of Use, please contact support@credicorp.ng.