Vend Finance and Technologies Limited (“Vendly”, “we”, “our” or “us”) is a financial technology company providing innovative financial services which include; leveraging APIs to facilitate exchange of digital assets on social media, gifting money and vouchers between social media users, monetising engagements with brand-incentivised surveys, donation to charities and other notable causes, charging for informal services, and other services which (“our Services”). We can be contacted via firstname.lastname@example.org and +16286005036.
The legal basis for processing your personal data is the legal requirement of your consent for us to process your personal data and our legitimate interest in providing our Services to you.
You may withdraw your consent by communicating such withdrawal to us via email@example.com. However, such withdrawal of consent shall not affect the lawfulness of the hitherto processing of your personal data before consent was withdrawn.
We will keep your personal data for as long as:
We store all received personal data in our purpose-built cloud except the ones stored via conferencing and other apps we use. We do not use any cookies or other devices to collect/store your data.
The data we collect may be shared with our employees, legal team, or Data Protection Officer. It may also be shared with our technology suppliers, for example our hosting provider(s). We may also share your personal data with third parties in which case we ensure that such third parties execute a Third-Party Data Processing Contract as required by the Nigeria Data Protection Regulation 2019 (NDPR). We will also share your data where we are required to do so by law – for example, by court order, or to prevent fraud or other crime.
However, we will not:
The security of your personal data is important to Vendly. We store and process your personal information on our computers in Nigeria. We have information security standards which ensure that your personal data is secured against all foreseeable hazards and data breaches such as theft, cyberattacks, viral attacks, manipulations etc. We also have a data breach incident management procedure which documents our quick response to any reported personal data breach incident, and ensure all incidents are managed in accordance with legal and regulatory requirements and best practice guidelines. Where we need to transfer your data to another country, such country must have an adequate data protection law. We will seek your consent where we need to send your data to a country without an adequate data protection law. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration. Some of the safeguards we use are firewalls and data encryption, physical access controls to our data centres, and information access authorization controls.
You have the following rights under the NDPR and other relevant laws:
You can also:
If you have any of these requests, kindly contact our Data Protection Officer via firstname.lastname@example.org.
We have a Data Protection Officer (“DPO”) who can be contacted via email@example.com and our DPO will address any complaint or any violation of your privacy rights in accordance with the NDPR 2019 and any other law or regulation that may come into force from time to time.
Your personal data shall be: