How Payeelord collects, uses, protects, and shares personal data.
Last updated: May 12, 2026. This policy is written for the services available through this website and ERP, including wallet-backed digital services, KYC, developer API access, gift cards, virtual accounts, virtual cards, business onboarding, support, and reseller operations.
1. Who is responsible for your data
Payeelord is responsible for personal data processed through this website, user accounts, wallet services, support tools, API services, and administrative workflows, except where a bank, payment processor, card issuer, telecommunications provider, gift card processor, identity verification provider, or other regulated partner independently determines how it processes your information.
This policy supports the transparency principles under the Nigeria Data Protection Act, 2023, including informing you about the purposes, lawful bases, recipients, retention, rights, complaints, and security practices that apply to your personal data.
2. Personal data we collect
- Account data such as name, username, email address, phone number, password hash, referral code, role, package, account status, and communication preferences.
- Profile and KYC data such as address, date of birth where required, government identity information, BVN or verification reference where applicable, uploaded documents, business information, directors, settlement details, and review status.
- Wallet and transaction data such as balances, funding records, withdrawal details, service orders, data and airtime purchases, bill payments, PIN purchases, gift card orders, card transactions, refunds, cashback, fees, receipts, and dispute records.
- Technical data such as IP address, device information, browser details, login history, API keys, webhook URLs, source IP whitelist entries, request logs, error reports, cookies, and session identifiers.
- Support and communication data such as messages, complaints, dispute notes, WhatsApp contact records, push notification preferences, email records, and survey or feedback content.
3. How we use your data
- To create and secure your account, authenticate logins, enforce two-factor or email OTP settings, and prevent unauthorized access.
- To provide services such as data, airtime, cable TV, electricity, recharge PINs, education PINs, gift cards, virtual accounts, virtual cards, SMM services, business onboarding, and developer API access.
- To process wallet debits, credits, withdrawals, refunds, cashback, transaction receipts, provider reconciliation, accounting records, and dispute resolution.
- To verify identity, manage risk, comply with legal obligations, monitor fraud, investigate abuse, and enforce account limits or restrictions.
- To communicate service updates, support responses, security notices, onboarding messages, API alerts, and optional marketing where permitted.
- To improve service reliability, audit system activity, debug errors, measure usage, maintain records, and develop safer product features.
4. Lawful bases for processing
Depending on the context, we process personal data because it is necessary to perform a contract with you, comply with legal or regulatory obligations, protect legitimate business and security interests, establish or defend legal claims, protect vital interests in urgent fraud or safety matters, or because you gave consent for a specific purpose. You may withdraw consent where consent is the applicable basis, but withdrawal will not affect processing already completed lawfully.
5. When we share data
We may share relevant data with payment processors, banks, virtual account providers, card issuers, identity verification providers, electricity and cable providers, gift card processors, API infrastructure providers, hosting and analytics vendors, delivery or support vendors, professional advisers, auditors, regulators, law enforcement, and dispute resolution bodies. We only share what is reasonably required for the purpose.
Some providers may process data outside Nigeria. Where this happens, we take reasonable steps to use appropriate safeguards, contractual protections, or lawful transfer mechanisms required by applicable data protection law.
6. Retention and security
We keep personal data for as long as needed to provide services, maintain transaction records, resolve disputes, comply with accounting, tax, anti-fraud, consumer protection, financial, and legal obligations, and protect our rights. Records connected to wallet activity, KYC, provider reconciliation, refunds, and disputes may be retained longer than ordinary marketing or session records.
We use administrative, technical, and organizational safeguards such as role-based access, authentication controls, audit logs, password hashing, limited data access, and operational monitoring. No online service can guarantee absolute security, so you must keep your login details, OTPs, API keys, and devices safe.
7. Your privacy rights
Subject to legal limits, you may request access to your personal data, correction of inaccurate data, deletion where retention is no longer required, restriction or objection to certain processing, portability where applicable, withdrawal of consent, and information about automated decision-making where used.
You may also lodge a complaint with the Nigeria Data Protection Commission or another competent authority. We may need to verify your identity before responding to a privacy request, especially where wallet, KYC, business, or transaction data is involved.
8. Cookies, minors, updates, and contact
We use cookies and similar technologies for login sessions, security, preferences, analytics, and service reliability. Our services are intended for users who can lawfully create an account and transact. Minors should not use wallet, KYC, card, gift card, API, or business services without valid consent and supervision where required by law.
We may update this policy when services, laws, providers, or security practices change. Material updates will be posted on this page. For privacy requests, contact support@payeelord.com with the subject "Privacy Request".