RockPay Inc.
DATA USAGE POLICY
Effective Date: June 2025
At RockPay Inc., we are committed to protecting the privacy and data of our users while ensuring transparency in how we collect, use, store, and share your information. This Data Usage Policy outlines our data practices in relation to our mobile application and related services, including peer-to-peer payments, cryptocurrency transactions, airtime/data purchases, USD/NGN exchange, and utility payments.
1. Information We Collect
A. Personal Information
- Full name, date of birth, gender
- Phone number and email address
- Bank account details, card information (encrypted)
- Government-issued ID (e.g., NIN, BVN, international passport)
- Residential address and utility bill (for verification)
- Selfie or facial image (for identity verification/KYC)
- Device identifiers (e.g., IMEI, device ID)
- Geolocation data (if permission is granted)
B. Transactional Information
- Transaction history (debits/credits, airtime, data, crypto)
- Peer-to-peer payment details
- Fiat and crypto exchange rates used
- Utility bills or subscriptions processed
C. Usage & Technical Information
- IP address and device location
- App usage metrics, crash logs
- Date/time of access, pages viewed, and interactions
- Referral source (e.g., third-party links or ad platforms)
2. How We Use Your Information
A. To Provide Services
- Verify your identity for onboarding (KYC)
- Enable P2P transactions, currency exchange, and crypto trades
- Process airtime, data, and bill payments securely
- Provide real-time customer support and transaction updates
B. To Comply with Legal Obligations
- Anti-money laundering (AML) and combating financing of terrorism (CFT) compliance
- Regulatory reporting to authorities such as CBN, NDIC, NIBSS, and EFCC
C. To Improve and Secure Our Services
- Analyze usage trends and optimize user experience
- Detect, investigate, and prevent fraudulent or unauthorized activity
- Ensure system and data security across all platforms
D. For Communication and Marketing (with your consent)
- Notify you about transactions, promotions, feature updates
- Send relevant news, surveys, and marketing offers via SMS, email, or in-app messages
3. Data Sharing and Disclosure
RockPay Inc. does not sell your personal data. However, we may share it under the following circumstances:
A. With Authorized Third Parties
- Banks, payment processors, and licensed financial institutions
- Licensed crypto partners for buy/sell orders
- Airtime/data providers and electricity bill processors
B. With Service Providers
- Cloud storage and data analytics providers
- Identity verification and biometric providers (e.g., facial recognition)
C. With Regulators or Law Enforcement
- When legally required by court order or regulatory directive
- To detect and prevent fraud, criminal activity, or security threats
4. Data Retention
We retain your data only as long as necessary for the purposes listed in this policy or as required by law (e.g., 5-7 years for financial compliance). Upon closure of your account, certain information may still be retained to fulfill legal and regulatory obligations.
5. Your Privacy Rights
Depending on your jurisdiction, you may have the right to:
- Access and review your personal data
- Correct or update inaccurate information
- Request deletion or restrict use of your data
- Withdraw consent for marketing communication
- Port your data to another provider
To exercise these rights, contact our Data Protection Officer (DPO) at: 📧 privacy@rockpay.app
6. Data Security Measures
- End-to-end encryption for sensitive transactions
- Two-factor authentication (2FA)
- Tokenization of card and financial information
- Regular penetration testing and vulnerability scans
- Role-based access control (RBAC) within our infrastructure
7. Cookies and Tracking Technologies
We may use cookies and similar technologies (in-app or web) for session management, usage analytics, and personalized experience. You can disable cookies via your device settings, though some features may be limited.
8. International Data Transfers
If your data is transferred outside your home country, we ensure such transfers comply with applicable data protection laws through adequate safeguards such as standard contractual clauses or relevant regional agreements.
9. Children's Privacy
RockPay does not knowingly collect or process data of children under the age of 18. Users must be legally eligible to create a financial account and use fintech services in their jurisdiction.
10. Updates to This Policy
This Data Usage Policy may be revised periodically. Users will be notified via the app or email of any material changes. Continued use of our services constitutes acceptance of the updated policy.
