Privacy Policy

Last updated on 5th December, 2021

Who we are

Vend Finance and Technologies Limited (“Vendly”, “we”, “our” or “us”) is a financial technology company providing innovative financial services which include; leveraging APIs to facilitate exchange of digital assets on social media, gifting money and vouchers between social media users, monetising engagements with brand-incentivised surveys, donation to charities and other notable causes, charging for informal services, and other services which (“our Services”). We can be contacted via and +16286005036.

As a Data Controller, we have published this Privacy Policy for users to access or use the services and tools offered through our site and portal ("Vendly Services") or otherwise interact with us(“our Platforms”) and our Services (“you” or “your”) understand how we collect, secure, use, and share your personal identifiable information (“personal data”) while providing you with our top-notch Services.

What Personal Data do we collect

This Privacy Policy applies to all personal data collected or received from you and may include:

  1. Your names, email addresses, telephone number, location (where applicable).
  2. Your images (as processed by the video conferencing apps) or at live events, your voice, views, opinions, etc.
  3. Bank account details, bank verification number, valid photo ID.
  4. Information about your identity, e.g. your nationality, passport information, any Government approved Identity Card.
  5. And all other personal data that you share with us during your dealings with us.
  6. Transactional information, e.g. details about your accounts, including payments made to and from these accounts.
  7. Communication records, e.g. details recorded during our written and verbal communications with you.
  8. Your preferences, such as consents for marketing and other communications.
  9. Publicly available information on search engines.
  10. Usage data, including information about how you use our products and services.
  11. Investigations data. This may include; anti-money laundering and Combating Financing of Terrorism checks, Enhanced Due Diligence, Fraud or Convicted Criminal database, Politically Exposed Persons, external intelligence reports, and other due diligence checks.
  12. Information required to satisfy our regulatory obligations, e.g. information about transactions, detection of any suspicious and unusual activity, and information about parties connected to you or these activities.
  13. Risk rating information, e.g. Suspicious Transaction patterns.
  14. Information gathered when you visit our websites.This might include; the Internet Protocol(IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browsing plug -in types and versions, operating system and platform, Uniform Resource Locators(URL), and how you navigate our websites.

Our Legal Basis for processing your data.

The legal basis for processing your personal data is the legal requirement of your consent for us to process your personal data and our legitimate interest in providing our Services to you.

How we get your consent

You accept this Privacy Policy when you give consent upon accessing our Platforms or use our Services for official or non-official purposes. You give us consent to process your personal data when you click Create Account and fill in your personal details and other answers into the provided blank form. You also give us consent when you fill in your details into any of the blank forms provided on our Platforms for collection of personal data.

How to withdraw your consent

You may withdraw your consent by communicating such withdrawal to us via However, such withdrawal of consent shall not affect the lawfulness of the hitherto processing of your personal data before consent was withdrawn.

How long we keep your data

We will keep your personal data for as long as:

  1. The law requires us to.
  2. It is needed for the purposes mentioned in this Privacy Policy.
  3. You do not request deletion of your personal data.

Where your data is processed and stored

We store all received personal data in our purpose-built cloud except the ones stored via conferencing and other apps we use. We do not use any cookies or other devices to collect/store your data.

The data we collect may be shared with our employees, legal team, or Data Protection Officer. It may also be shared with our technology suppliers, for example our hosting provider(s). We may also share your personal data with third parties in which case we ensure that such third parties execute a Third-Party Data Processing Contract as required by the Nigeria Data Protection Regulation 2019 (NDPR). We will also share your data where we are required to do so by law – for example, by court order, or to prevent fraud or other crime.

However, we will not:

  1. Sell or rent your data to third parties.
  2. Share your data with third parties for marketing purposes.
  3. Expose your data to unauthorized persons in our organization.

How we protect your data

The security of your personal data is important to Vendly. We store and process your personal information on our computers in Nigeria. We have information security standards which ensure that your personal data is secured against all foreseeable hazards and data breaches such as theft, cyberattacks, viral attacks, manipulations etc. We also have a data breach incident management procedure which documents our quick response to any reported personal data breach incident, and ensure all incidents are managed in accordance with legal and regulatory requirements and best practice guidelines. Where we need to transfer your data to another country, such country must have an adequate data protection law. We will seek your consent where we need to send your data to a country without an adequate data protection law. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centres, and information access authorization controls.

Your Privacy Rights

You have the following rights under the NDPR and other relevant laws:

  1. Right to consent to the processing of your personal data
  2. Right to information on how your personal data is processed
  3. Right of access to your personal data
  4. Right to withdraw consent at any time
  5. Right to object to processing of your data
  6. Right to rectification of your data
  7. Right to request us to transfer your data to another entity electronically
  8. Right to lodge a complaint to the supervisory authority(NITDA)

You can also:

  1. Raise an objection to us about how your personal data is processed;
  2. Request that your personal data be erased where you believe justification no longer exists for keeping it;
  3. Ask that the processing of your personal data is restricted in certain circumstances;

If you have any of these requests, kindly contact our Data Protection Officer via

Data Protection Officer, complaint-handling and remedies

We have a Data Protection Officer (“DPO”) who can be contacted via and our DPO will address any complaint or any violation of your privacy rights in accordance with the NDPR 2019 and any other law or regulation that may come into force from time to time.

Links to other websites

This privacy policy only applies to our Platforms and does not cover other third-party links and services or transactions that we connect to. We shall not be responsible for the privacy practices, or content of these third-party links/websites. As such, we encourage you to read and understand the privacy statements of these third-party links/websites and evaluate the security and trustworthiness of such links/websites connected to or accessed through this site before disclosing any personal information to them.


Cookies are small files with small pieces of data placed on your computer’s hard drive that enable the website to identify your computer as you view different pages. Cookies allow websites and applications to store your preferences in order to present contents, options or functions that are specific to you. Like most interactive websites, our website uses cookies to enable the tracking of your activity for the duration of a session and to distinguish you from other users of our websites. This provides you with a better browsing experience and allows us to improve our websites.

Principles guiding the handling of data

Your personal data shall be:

  1. Collected and processed in accordance with specific, legitimate and lawful purposes;
  2. Consented to by you; provided that: a further processing may be done only for archiving, scientific research, historical research or statistical purposes for public interest;
  3. Restricted to you and shall not be transferred to any person or entity except when requested by you or required by law;
  4. Adequate, accurate and without prejudice to the dignity of human person;
  5. Deleted from our database and any other location where it is stored at your request;
  6. Stored only for the period within which it is reasonably needed, and
  7. Secured against all foreseeable hazards and breaches such as theft, cyberattack, viral attack, dissemination, manipulations of any kind, damage by rain, fire or exposure to other natural elements.

Governing Law

This Privacy Policy is made pursuant to the NDPR and other relevant Nigerian laws, regulations, or international conventions applicable to Nigeria. Where any provision of this Privacy Policy is deemed inconsistent with a law, regulation or convention, such provision shall be subject to the overriding law, regulation, or convention.

Changes to this Policy

We update our Privacy Policy regularly—this version is effective as of the date indicated above. We will notify you of material changes to the Privacy Policy by email as well as a notice on our Platforms.