Dodopay (“we”, “us”, “our”) takes your privacy seriously and we are committed to best practices in respect of your personal data and complying with data protection laws. This policy applies to Dodopay as a whole; including our website and mobile app, and is written for visitors to our website, our wait list and our customers. This policy also applies to various storage mediums including physical and digital.
Who we are
What personal data we collect and why we collect it
- Our app or website
When you sign up to Dodo, you provide details such as your name, date of birth, gender, email, phone number, photograph, address, valid identification document and Bank Verification Number (BVN). We will only use these information in strict accordance with the law.
- Transaction details
All cards, phone numbers and accounts you use during transactions (Bank transfers, Airtime purchase, account funding, bill payment) on Dodo.
- Permission and access to phone data
This includes things like your phone book (contacts), device storage, location, photo and data from your camera.
- Device Information
Your internet service provider, your IP address, device make and device model.
Sources of personal data
Personal information will only be collected directly and voluntarily from you as part of the application process or as a result of transactions relating to your Dodo Cards. Some personal information may be verified by us and PPS with use of publicly accessible sources to fulfil customer due diligence.
Storage and recipients of personal data
We operate a ‘Secure by Design’ approach to protecting your data. This involves the use of best practices such as intrusion detection systems, firewalls, access control, encryption and key rotation and policies that ensure only those who need access to data do. 3rd parties holding your personal data are expected to apply the same level of security and controls. Whilst we issue notifications for key changes in your profile, if you suspect anything suspicious please let us know.
If we become aware of unauthorised access to your data we will contact you promptly.
Some of the kinds of 3rd parties that receive your personal data are in the areas of:
- Infrastructure (servers, databases etc.)
- Identity checking
- Anti money laundering
- Address/account lookup
- System emails
- Update/marketing emails
- Text messages
- Push messages
- Error logging
- Customer support
- Product analytics
- Card manufacturers
- Card scheme
We do not and will never sell your personal data.
Your personal data are retained so long as you remain an active customer of Dodo, i.e. you have an open account with us.In the event that you wish to close your Dodo account we don’t keep your information for longer than we need to, which is usually 7 years after the end of the relationship or upon termination of the contract, unless we are required to keep it longer (for example due to a court order or investigation by law enforcement agencies or regulators). This is so that we meet our legal obligations, e.g. the Money Laundering Regulations 2017.
After this time has elapsed your data will be deleted from all Dodo PPS and 3rd parties systems
Under the General Data Protection Regulation 2018 you have enhanced rights in respect of your personal data and special category data.
- Right to rectification. You have the right to correct any incorrect personal data we store about you. You can change your own personal data in most cases or else speak with our Customer Support team.
- Right to erasure. Also known as the right to be forgotten, you may ask for your personal data to be deleted. Please note that this will constitute an account closure in most cases. We are legally obliged to retain data however even after an account closure – see Data Retention.
- Right to restrict processing. You have the right to restrict our processing of your personal data.
- Right to data portability. You have the right for your personal data to be exportable in easy to use, open formats such as CSV.
- Right to object. You have the right to object to use of your personal data for direct marketing.
To exercise any of your legal rights, you can email us at [email protected]
Big Data means processing and analysis of large amounts of data to identify patterns, trends and associations that can be used to make decisions. Dodo shall only ever perform such Big Data processing on anonymised data, i.e. data that is not linked to a specific person.
Example: we might want to understand how age groups of our customers relate to the usage of Dodo features so that we can tailor our product better.
If you aren’t happy with how we’ve handled your personal information, please email us at [email protected] and we’ll try our best to make it right.
Closing your account
If you want to close your account for any reason, just write to us and we will get this processed for you. We’ll settle up any balance first. Once your account is closed, you will lose access to your account and your card will be deactivated. We’ll talk you through how to export your records before closing your account.
This policy may change from time to time and is effective from date of posting to our website and app. For significant changes we will also let you know by email or through the Dodo app.