3. COLLECTION OF PERSONAL DATA
What personal data we collect and why we collect it
3.1 Your Information
You may give us Personal Data about you by completing forms on our site, app, by allowing us to access your information on social media sites or by corresponding with us by phone, e-mail or otherwise. This includes information on app login, applying for a loan and activity on social media. The information you give us may include your name, current and previous address, e-mail, BVN, phone number, social networks data, financial information, personal status information, employment information, educational status, contacts and family information, applications and messages. We will also collect and process personal data derivable from your BVN.
When visitors leave comments on the site, we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.
If you leave a comment on our site, you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
If you turn cookies off, some features will be disabled. That makes your site experience less efficient and may not function properly.
3.5 Embedded content from other websites
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
4. USE OF PERSONAL DATA
How we use your Personal Data
We may use the information we collect from you in the following ways:
- To personalize your experience and to allow us to deliver the type of content and product offerings in which you are most interested;
- To provide products, services, and information regarding your request;
- To create a credit score based on your information;
- To notify about recent changes in the product or services provided;
- To follow up with you after correspondence (live chat, email or phone inquiries).
- To send messages (SMS) and enriched messages (RCS) to you for services and notification purposes.
5. HOW LONG WE RETAIN YOUR PERSONAL DATA
We will hold your Personal Data on QuickCheck’s systems for as long as it is necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements.
If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
For users that register on our website (if any), we also store the Personal Data they provide in their user profile. All users can see, edit, or delete their Personal Data at any time (except they cannot change their username). Website administrators can also see and edit that information.
We limit a One-month period to respond to your access request to your Personal Data in our possession. However, if the one-month timeline cannot be met or where we determine that the request made by you is excessive in nature, we will take steps to inform you and suggest alternative courses of action such as extension of the time of which to provide the information requested or request for cost for requests of an excessive nature. QuickCheck subjects itself to copy the regulatory authority in all such correspondence
6. YOUR RIGHTS AS A DATA SUBJECT
The law gives you certain rights in respect to your Personal Data we hold about you. Below is a highlight of some of those rights. At any point while we are in possession of or processing your Personal Data, you, the Data Subject have the following rights:
- RIGHT OF ACCESS – You have the right to request a copy of the information that we hold about you.
- RIGHT TO RECTIFY – You have the right to correct the Personal Data we hold about you that is inaccurate.
- RIGHT TO BE FORGOTTEN – In certain circumstances you may ask for the data we hold about you to be erased from our record.
- RIGHT TO RESTRICT PROCESSING – Where certain conditions apply, you have a right to restrict processing of your Personal Data.
- RIGHT TO PORTABILITY – You have the right to have your Personal Data transferred to another organisation.
- LODGE COMPLAINT – You have a right to lodge a complaint about the handling of your Personal Data with the Nigeria Data Protection Bureau (NDPB) at firstname.lastname@example.org
- RIGHT TO OBJECT – You have the right to object to the Processing of Personal Data.
NDPB’s website (ndpb.gov.ng) has a wealth of useful information in respect of your rights over your Personal Data. If you wish to exercise your rights, you may contact our Data Protection Officer at email@example.com or you may write to us at firstname.lastname@example.org
7. Where we send your data
Visitor comments may be checked through an automated spam detection service. We do not sell, trade, or otherwise transfer to outside parties your Personal Data unless we provide users with advance notice.
8. WHERE WE STORE YOUR PERSONAL DATA
The Personal Data we collect from you may be transferred to and stored at a destination outside Nigeria. By submitting your Personal Data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Personal Data is treated securely with an appropriate level of protection and that the transfer is lawful under the NDPR and any applicable law on Data Protection.
9.1 How we protect your data
Your Personal Data is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology. We implement a variety of security measures when a user asks for a loan, submits data, or accesses their information to maintain the safety of your personal information. All transactions are processed through a gateway provider and are not stored or processed on our servers.
9.2 CAN-Spam ACT
The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations. We collect your email address in order to:
- Process loans and to send information and updates pertaining to loans
- Send you additional information related to your product and/or service.
To be in accordance with CAN-SPAM, we agree to the following:
- Non-use false or misleading subjects or email addresses;
- Identify the message as an advertisement in some reasonable way;
- Include the physical address of our business or site headquarters;
- Monitor third-party email marketing services for compliance, if one is used;
- Honor opt-out/unsubscribe requests quickly;
- Allow users to unsubscribe by using the link at the bottom of each email.
If at any time you would like to unsubscribe from receiving future emails, you can follow the instructions at the bottom of each email and we will promptly remove you from ALL correspondence.
9.3 What third parties we receive data from
Google’s advertising requirements can be summed up by Google’s Advertising Principles. They are put in place to provide a positive experience for users: support.google.com/adwordspolicy/answer/1316548?hl=en. We have not enabled Google AdSense on our site but we may do so in the future.
What automated decision-making and/or profiling we do with user data
9.4 Industry regulatory disclosure requirements
We do not sell, trade, or otherwise transfer to outside parties your Personal Data unless we provide users with advance notice. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. We may also release information when it’s release is appropriate to comply with the law, enforce our site policies, or protect ours or others’ rights, property or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
10. BREACH / PRIVACY VIOLATION
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to Personal Data, we shall within 72 (Seventy-Two) hours of having knowledge of such breach report the details of the breach to NDPB.
Furthermore, where we ascertain that such breach is detrimental to your rights and freedoms in relation to your Personal Data, we shall within 7 (Seven) days of having knowledge of the occurrence of such breach take steps to inform you of the breach incident, the risk to your rights and freedoms resulting from such breach and any course of action to remedy said breach.
13 Town Planning Way,