Welcome to MsjPay (accessible via msjpay.ng). At MsjPay (operated by MsjPay Technologies Limited), your privacy and data security are our highest priorities. This Privacy Policy describes how we collect, use, store, process, and protect your personal and financial information when you use our website, mobile application, APIs, and digital financial services.
By accessing or using MsjPay, you agree to the collection and use of your information in accordance with this Privacy Policy and the Nigeria Data Protection Regulation (NDPR) and other applicable international data protection standards.
1. Information We Collect
To provide secure, licensed financial services, we must collect specific information. This includes:
- Personal Identification Information: Full name, physical address, email address, phone number, date of birth, biometric verification data, Bank Verification Number (BVN), National Identification Number (NIN), and government-issued ID documents. (Note: We use your BVN solely for identity verification in line with Central Bank of Nigeria requirements).
- Financial and Transactional Data: Bank account details, debit/credit card numbers (stored via tokenized, PCI-DSS compliant secure vaults), transaction history, account balances, and merchant invoice data.
- Device and Technical Information: IP address, device type, operating system version, browser type, location coordinates, cookies, and mobile identifier tracking data.
- Communication Records: Records of interaction with customer support, survey responses, and feedback submissions.
2. How We Use Your Data
We process your personal information for legitimate business and regulatory purposes:
- Identity Verification & KYC Compliance: Confirming your identity to fulfill Central Bank of Nigeria (CBN) Anti-Money Laundering (AML) and Counter-Terrorism Financing (CFT) guidelines.
- Service Delivery: Processing incoming and outgoing payments, settling merchant accounts, generating digital invoices, and running our digital wallet operations.
- Fraud Prevention & Security: Actively scanning transactions to detect and block fraudulent, abusive, or unauthorized activities.
- Product Optimization: Analyzing platform usage data to troubleshoot software bugs, improve visual UX, and design new financial features.
- Notifications & Marketing: Sending transactional receipts, service updates, and optional marketing alerts. You can opt-out of marketing communications at any time.
3. Data Security & Storage
We employ military-grade security infrastructure to safeguard your information:
Encryption: All data in transit is encrypted using Secure Socket Layer (SSL/TLS) protocols. Data at rest is secured via AES-256 standard encryption keys.
PCI-DSS Compliance: Our processing architecture is fully compliant with the Payment Card Industry Data Security Standard (PCI-DSS). We do not store raw card PINs or CVVs on our servers.
Physical & Network Security: Data is stored in secure cloud environments featuring automated threat detection and restricted access protocols.
Data Retention: We retain your information only as long as necessary to comply with Nigerian banking regulations and statutory limitation periods (typically 6-10 years post-account closure).
5. User Rights
Under the Nigeria Data Protection Regulation (NDPR), you have the following rights regarding your data:
- Right to Access: You can request details of the personal data we hold about you.
- Right to Rectification: You can request instant corrections to inaccurate or incomplete information.
- Right to Erasure ("Right to be Forgotten"): You can request the deletion of your account and personal data, subject to regulatory retention laws.
- Right to Portability: You can request a structured, machine-readable export of your transactional history.
- Right to File a Complaint: You can report any data privacy concerns directly to the Nigeria Data Protection Commission (NDPC).
If you wish to exercise any of these rights, please contact our Data Protection Officer at dpo@msjpay.ng.