Data Processing

Emisri Limited ("Emisri") is committed to safeguarding the information of customers, stakeholders, partners, and other interested parties with the utmost care and confidentiality. This Data Protection Policy, in conjunction with our Privacy Policy, affirms our commitment to processing data in compliance with the Nigeria Data Protection Act (NDPA), General Data Protection Regulation (GDPR), and other relevant data protection laws.

We acknowledge that we gather, store, and handle data fairly, transparently, and with respect for individual rights.

1. Scope

As part of Emisri’s operations, we collect and process information, including names, addresses, phone numbers, and email addresses. We collect this information securely and transparently, with full cooperation and knowledge of data subjects.

To ensure the protection of this information, we apply the following rules:

1. Use personal data for lawful purposes only.

2. Protect personal data against unauthorized and illegal access.

3. Share data only with third parties necessary for service provision.

To comply with data protection regulations and demonstrate our commitment, we:

1. Restrict and monitor access to sensitive data.

2. Develop transparent data collection procedures.

3. Train employees in online privacy and security measures.

4. Build secure networks to protect against cyber threats.

5. Establish clear procedures for reporting privacy breaches or data misuse.

6. Implement data protection practices, including document shredding, secure storage, encryption, and access authorization.

2. How We Obtain Your Personal Data

We obtain personal data when you use our services, including during registration, service interactions, and customer support inquiries. Information collected includes name, phone number, address, email, company name, designation, and country.

When funding a wallet through third-party payment providers, you may be required to input card details. Please note that such payment data is not stored by Emisri but by the payment institution.

Additionally, we may collect and process data related to your communications when using Emisri services such as SMS, phonebook, teams, groups, and direct messaging.

3. Personal Data Usage

We use personal data for the following purposes:

1. Processing and delivering our services.

2. Notifying users of service status and updates.

3. Sending marketing or campaign communications where users have opted in.

4. Enhancing user experience through service improvements.

5. Preventing fraud and ensuring platform security.

4. Sharing Your Personal Data

Emisri does not sell or trade personal data. We share data only when necessary to provide services, including with trusted partners such as payment processors, service providers, and regulatory bodies.

Data may be shared with companies engaged to provide services on our behalf, such as payment processing or communication facilitation. Users interacting with third-party service providers should review their respective data protection policies.

To ensure compliance across regions, personal data may be transferred to service providers, affiliates, or contractors in various jurisdictions with adequate safeguards in place.

5. Securing Customer Personal Data

We implement strict security measures, including encryption, secure servers, and limited database access, to protect user data. Firewalls are used to prevent unauthorized access, and we conduct regular security audits to strengthen system defenses.

6. Customer Compliance

Users of Emisri services are responsible for complying with applicable data protection laws when processing personal data. Users agree to:

1. Comply with data protection regulations when using Emisri services.

2. Indemnify Emisri against liabilities arising from data protection violations.

3. Avoid processing special categories of personal data unless explicitly supported by Emisri’s services.

4. Provide information necessary for Emisri to comply with legal obligations, including security and breach notification requirements.

7. Customer Rights and Choices

Users have the right to:

1. Decline to provide personal data, with the understanding that certain services may be unavailable.

2. Withdraw consent for data processing, subject to applicable legal and contractual obligations.

3. Request access, correction, or deletion of personal data by contacting control@emisri.com.

8. Data Protection Impact Assessment

Emisri conducts Data Protection Impact Assessments (DPIA) for high-risk processing activities, following these steps:

1. Identify and assess processing activities, including automated decision-making and profiling.

2. Evaluate potential risks to data subjects, such as privacy breaches or security threats.

3. Ensure processing aligns with data protection principles, such as minimization and security.

4. Implement risk mitigation measures, such as encryption, access controls, and retention policies.

5. Document all findings and, where necessary, submit the DPIA to the Nigeria Data Protection Commission (NDPC).

6. Monitor and review DPIAs periodically, ensuring continued compliance with regulatory requirements.

9. International Compliance Standards

Emisri operates in multiple jurisdictions and adheres to international data protection standards.

1. European Economic Area (EEA) and United Kingdom (UK): If required by local laws, we ensure a legal basis for processing personal data and comply with regulatory requirements.

2. United States: We recognize California Consumer Access and Deletion Rights. Users may request access to or deletion of personal data, subject to verification.

3. Other Regions: Emisri applies high standards of data protection globally, respecting individual jurisdictional requirements.

10. Changes to Our Policies

We reserve the right to update this policy at any time. Changes will be posted on our website, and users will be notified of material updates. Continued use of Emisri services after changes constitute acceptance of the revised policy.

For further inquiries, contact control@emisri.com.