Privacy Policy

Effective Date: 04-March-2025
Last Updated: January 19, 2026
Website: https://nin.healer.name.ng
Service Provider: NIN/BVN

1. Overview

NIN/BVN is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, protect, and handle your personal data when you use our NIN/BVN verification services.

OUR PRIVACY COMMITMENT

We operate under the Nigeria Data Protection Regulation (NDPR) 2019 and international best practices to ensure your personal information is protected at all times.

  • We never store verification data on our servers
  • We use military-grade encryption for all data transmission
  • We implement strict access controls and monitoring
  • We comply with all applicable privacy laws and regulations

By using our services, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

When you create an account or use our services, we may collect the following personal information:

Information Type Examples Purpose
Account Information Username, email address, phone number Account creation and management
Identity Information Full name, date of birth (if required) Account verification and compliance
Payment Information Billing details, transaction history Service billing and financial records
Communication Data Support tickets, email correspondence Customer service and support

2.2 Technical Information

We automatically collect certain technical information when you use our services:

  • Device Information: Browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on platform
  • Network Information: IP address, location data, connection details
  • Security Logs: Access attempts, security events, fraud prevention data

VERIFICATION DATA HANDLING

Critical Important: We do NOT store, save, or retain any NIN or BVN verification data. This information is:

  • Transmitted securely to authorized data providers
  • Processed in real-time for verification
  • Immediately deleted after response generation
  • Never stored on our servers or databases

2.3 Information from Third Parties

We may receive information about you from third parties in the following circumstances:

  • Verification Partners: Confirmation of successful verification requests
  • Payment Processors: Transaction status and payment confirmation
  • Security Services: Fraud prevention and risk assessment data
  • Analytics Providers: Usage statistics and performance metrics

3. How We Use Your Information

3.1 Primary Uses

We use your personal information for the following purposes:

SERVICE DELIVERY

  • Account Management: Creating and maintaining user accounts
  • Service Provision: Processing verification requests and API calls
  • Payment Processing: Handling transactions and billing
  • Customer Support: Responding to inquiries and resolving issues

3.2 Security and Compliance

  • Fraud Prevention: Detecting and preventing fraudulent activities
  • Security Monitoring: Protecting against unauthorized access and cyber threats
  • Compliance: Meeting legal and regulatory requirements
  • Risk Management: Assessing and mitigating operational risks

3.3 Service Improvement

  • Platform Enhancement: Improving user experience and functionality
  • Performance Optimization: Monitoring and improving service performance
  • Feature Development: Creating new services and capabilities
  • Quality Assurance: Ensuring service reliability and accuracy

3.4 Legal Basis for Processing

We process your personal information based on the following legal grounds:

  • Consent: You have given clear consent for processing
  • Contract: Processing is necessary to provide our services
  • Legal Obligation: Required by Nigerian law or regulations
  • Legitimate Interest: For fraud prevention and security purposes

4. Data Protection & Security

COMPREHENSIVE SECURITY MEASURES

We implement industry-leading security measures to protect your personal information:

4.1 Technical Safeguards

  • Encryption: 256-bit SSL/TLS encryption for all data transmission
  • Database Security: Encrypted databases with restricted access
  • Network Security: Firewalls, intrusion detection, and DDoS protection
  • Access Controls: Multi-factor authentication and role-based permissions

4.2 Operational Safeguards

  • Staff Training: Regular privacy and security training for all personnel
  • Background Checks: Thorough vetting of employees with data access
  • Access Monitoring: Continuous monitoring of data access and usage
  • Incident Response: Rapid response procedures for security incidents

4.3 Physical Safeguards

  • Secure Facilities: Data centers with controlled physical access
  • Environmental Controls: Climate and power management systems
  • Surveillance: 24/7 monitoring and security personnel
  • Asset Management: Secure disposal of hardware and media

4.4 Data Minimization

We follow the principle of data minimization by:

  • Collecting only information necessary for service provision
  • Processing data only for specified, legitimate purposes
  • Retaining information only as long as necessary
  • Implementing automated data deletion procedures

5. Data Sharing & Disclosure

LIMITED SHARING POLICY

We do NOT sell, rent, or trade your personal information to third parties for marketing purposes. We only share information in the specific circumstances outlined below.

5.1 Authorized Sharing

We may share your personal information only in the following circumstances:

  • Service Providers: Trusted third parties who provide services on our behalf (payment processing, security monitoring)
  • Verification Partners: Authorized data providers for NIN/BVN verification (data is not stored)
  • Legal Compliance: When required by law, regulation, or legal process
  • Safety and Security: To protect against fraud, abuse, or security threats

5.2 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal information may be transferred. You will be notified of any such change via email or prominent notice on our website.

5.3 Consent-Based Sharing

We may share your information with other parties when you provide explicit consent for such sharing.

5.4 Data Processing Agreements

All third parties with whom we share data are required to:

  • Sign comprehensive data processing agreements
  • Implement appropriate security measures
  • Use data only for specified purposes
  • Comply with applicable privacy laws

6. Data Retention

6.1 Retention Periods

We retain your personal information for the following periods:

Data Type Retention Period Legal Basis
Account Information Duration of account + 2 years Contract fulfillment and legal requirements
Transaction Records 7 years Financial regulations and tax compliance
Security Logs 1 year Security monitoring and incident response
Support Communications 3 years Customer service and dispute resolution
Verification Data Immediately deleted Data minimization principle

6.2 Automatic Deletion

We have implemented automated systems to ensure data is deleted according to our retention schedules. This includes:

  • Regular purging of expired data
  • Secure deletion of backup copies
  • Verification of complete data removal
  • Audit trails of deletion activities

7. Your Rights

YOUR DATA PROTECTION RIGHTS

Under the Nigeria Data Protection Regulation (NDPR) and other applicable laws, you have the following rights regarding your personal information:

7.1 Access Rights

  • Right to Access: Request a copy of your personal information we hold
  • Right to Information: Understand how your data is processed and for what purposes

7.2 Control Rights

  • Right to Rectification: Correct inaccurate or incomplete personal information
  • Right to Erasure: Request deletion of your personal information (subject to legal requirements)
  • Right to Restriction: Limit the processing of your personal information
  • Right to Portability: Receive your data in a structured, machine-readable format

7.3 Consent Rights

  • Right to Withdraw Consent: Withdraw consent for data processing at any time
  • Right to Object: Object to processing based on legitimate interests

7.4 How to Exercise Your Rights

To exercise any of these rights, you can:

  • Log into your account and update your information
  • Contact our Data Protection Officer at: dpo@nin.healer.name.ng
  • Submit a request through our support system
  • Send a written request to our office address

Response Time: We will respond to your request within 30 days of receipt and verification of your identity.

8. Cookies & Tracking Technologies

8.1 What Are Cookies

Cookies are small text files stored on your device when you visit our website. We use cookies and similar technologies to enhance your experience and improve our services.

8.2 Types of Cookies We Use

Cookie Type Purpose Duration
Essential Cookies Enable basic website functionality and security Session/Persistent
Performance Cookies Monitor website performance and user experience Up to 2 years
Functional Cookies Remember your preferences and settings Up to 1 year
Security Cookies Detect suspicious activity and prevent fraud Session/Persistent

8.3 Cookie Management

You can control cookies through:

  • Browser Settings: Configure your browser to block or delete cookies
  • Cookie Preferences: Use our cookie preference center
  • Opt-Out Tools: Use third-party opt-out mechanisms where available

ESSENTIAL COOKIES NOTICE

Some cookies are essential for the operation of our services. Disabling these cookies may prevent you from using certain features of our platform.

9. Third-Party Services

9.1 Integration Partners

Our platform integrates with trusted third-party services to provide comprehensive verification capabilities:

  • Payment Processors: Secure payment handling and transaction processing
  • Security Providers: Fraud detection and threat protection services
  • Analytics Services: Website performance and usage analytics
  • Communication Tools: Email delivery and SMS notification services

9.2 Third-Party Privacy Policies

Each third-party service provider has its own privacy policy governing the use of your information. We encourage you to review these policies:

  • We select partners based on their privacy and security standards
  • We require contractual commitments to protect your data
  • We regularly audit partner compliance with privacy requirements
  • We limit data sharing to what is necessary for service provision

9.3 Social Media and External Links

Our website may contain links to social media platforms and external websites. Please note:

  • We are not responsible for the privacy practices of external sites
  • External sites may collect information about you independently
  • We recommend reviewing privacy policies of all websites you visit
  • Social media interactions are governed by the platform's privacy policy

10. Children's Privacy

AGE RESTRICTION POLICY

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children.

10.1 Age Verification

We implement measures to prevent underage use of our services:

  • Age verification during account registration
  • Terms of service that restrict use to adults
  • Monitoring for potential underage accounts
  • Immediate action when underage use is detected

10.2 Parental Rights

If you believe your child has provided personal information to us:

  • Contact us immediately at: privacy@nin.healer.name.ng
  • We will investigate and delete the information promptly
  • We will take steps to prevent future unauthorized access
  • We will provide confirmation of data deletion

11. International Data Transfers

11.1 Data Location

Your personal information is primarily processed and stored in Nigeria. However, some data may be transferred internationally for:

  • Cloud storage and backup services
  • Security monitoring and threat detection
  • Technical support and maintenance
  • Payment processing and fraud prevention

11.2 Transfer Safeguards

When we transfer data internationally, we ensure appropriate safeguards:

  • Adequacy Decisions: Transfer to countries with adequate protection
  • Standard Contractual Clauses: Legal agreements ensuring data protection
  • Binding Corporate Rules: Internal policies for multinational organizations
  • Certification Schemes: Industry-standard privacy certifications

12. Policy Updates

12.1 Change Notification

We may update this Privacy Policy periodically to reflect:

  • Changes in our services or business practices
  • New legal or regulatory requirements
  • Enhanced privacy protections and security measures
  • Feedback from users and privacy advocates

12.2 Notice of Changes

When we make significant changes to this policy, we will:

  • Update the "Last Modified" date at the top of this policy
  • Send email notifications to registered users
  • Display prominent notices on our website
  • Provide a summary of key changes

12.3 Continued Use

Your continued use of our services after policy changes constitutes acceptance of the updated terms. If you disagree with changes, you may:

  • Stop using our services
  • Request deletion of your personal information
  • Contact us with concerns or questions

13. Legal Compliance

13.1 Regulatory Framework

We comply with all applicable privacy laws and regulations, including:

  • Nigeria Data Protection Regulation (NDPR) 2019
  • Nigerian Communications Commission (NCC) Guidelines
  • Central Bank of Nigeria (CBN) Regulations
  • International privacy frameworks where applicable

13.2 Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee privacy compliance:

  • Role: Monitor compliance with privacy laws and regulations
  • Contact: dpo@nin.healer.name.ng
  • Responsibilities: Privacy impact assessments, staff training, incident response
  • Authority: Direct access to senior management and independent decision-making

13.3 Privacy Impact Assessments

We conduct regular privacy impact assessments to:

  • Identify and mitigate privacy risks
  • Ensure compliance with legal requirements
  • Improve our privacy practices and procedures
  • Demonstrate accountability to regulators and stakeholders

14. Contact Information

PRIVACY CONTACT DETAILS

For all privacy-related inquiries, concerns, or requests, you can contact us through the following channels:

14.1 General Privacy Inquiries

14.2 Response Timeframes

  • General Inquiries: 2-5 business days
  • Data Rights Requests: 30 days (may be extended by 60 days for complex requests)
  • Security Incidents: Immediate acknowledgment, full response within 72 hours
  • Complaints: Acknowledgment within 2 business days, resolution within 30 days

14.3 Regulatory Authority

If you are not satisfied with our response to your privacy concerns, you may file a complaint with:

  • Nigeria Data Protection Commission (NDPC)
  • Address: Plot 1708, Mohammadu Buhari Way, CBD, Abuja, Nigeria
  • Email: info@ndpc.gov.ng
  • Website: www.ndpc.gov.ng

OUR COMMITMENT TO YOU

Your privacy is fundamental to our business. We are committed to:

  • Transparency in how we collect and use your information
  • Security in protecting your personal data from unauthorized access
  • Control by giving you choices about your information
  • Compliance with all applicable privacy laws and regulations
  • Continuous improvement of our privacy practices and security measures

Thank you for trusting NIN/BVN with your personal information. We are committed to protecting your privacy and providing secure, reliable verification services.