image

Privacy Policy (NDPA 2023 Compliant)

  • Home
  • Privacy Policy (NDPA 2023 Compliant)

Privacy Policy (NDPA 2023 Compliant)

 

Last Updated: June 2026**

 

1. Introduction

 

MortFund Management Services Ltd (“MortFund”, “we”, “us”, “our”) is committed to protecting your privacy and personal data in compliance with the Nigeria Data Protection Act, 2023 (NDPA)**.

 

The NDPA establishes a comprehensive legal framework for processing personal data in Nigeria and is enforced by the Nigeria Data Protection Commission (NDPC).

 

This Privacy Policy explains how we collect, use, store, and protect your personal data when you use our platform.

 

2. Scope of This Policy

 

This policy applies to:

 

* All users of MortFund (donors, campaign creators, beneficiaries)

* Visitors to our website

* Any individual whose personal data we process

 

The NDPA applies to all organizations processing personal data of individuals in Nigeria, regardless of location.

 

3. Lawful Basis for Processing Personal Data

 

We process personal data only where there is a lawful basis under the NDPA, including:

 

* Your consent

* Performance of a contract (e.g., facilitating donations)

* Compliance with legal obligations

* Protection of vital interests

* Our legitimate business interests

 

4. Personal Data We Collect

 

We may collect the following categories of data:

 

a. Identity Information

 

* Full name

* Date of birth

* Government-issued ID

 

b. Contact Information

 

* Email address

* Phone number

 

c. Financial Information

 

* Payment details (processed securely via third-party providers)

 

d. Technical Data

 

* IP address

* Device and browser information

 

e. Campaign Information

 

* Campaign content, images, videos, and supporting documents

 

We adhere to the NDPA principle of data minimization, collecting only what is necessary.

 

5. How We Use Your Data

 

We use personal data to:

 

* Create and manage user accounts

* Facilitate donations and withdrawals

* Verify identities (KYC compliance)

* Detect and prevent fraud

* Communicate with users

* Improve platform performance

 

We process data in a lawful, fair, and transparent manner as required by NDPA.

 

6. Data Sharing & Third Parties

 

We may share your data with:

 

* Payment processors

* Identity verification providers

* Regulatory authorities (where required by law)

 

We ensure that all third parties comply with NDPA obligations and data protection standards.

 

7. Cross-Border Data Transfers

 

Where personal data is transferred outside Nigeria:

 

* We ensure the receiving country provides adequate data protection, or

* Appropriate safeguards (e.g., contractual clauses) are implemented

 

This is required under NDPA rules on international data transfers.

 

8. Data Retention

 

We retain personal data only for as long as necessary to:

 

* Fulfill the purpose for which it was collected

* Comply with legal, regulatory, or audit requirements

 

After this period, data is securely deleted or anonymized.

 

9. Data Subject Rights (Your Rights)

 

Under the NDPA, you have the right to:

 

* Access your personal data

* Correct inaccurate data

* Request deletion of your data

* Withdraw consent at any time

* Object to processing

* Request data portability

 

Organizations must respond to such requests within statutory timelines.

 

10. Data Security Measures

 

We implement appropriate technical and organizational measures, including:

 

* Encryption and secure servers

* Access control restrictions

* Continuous monitoring for breaches

 

We ensure integrity and confidentiality of personal data as required by NDPA.

 

11. Data Breach Notification

 

In the event of a data breach:

 

* We will notify the Nigeria Data Protection Commission (NDPC) within 72 hours

* Affected users will be informed where there is a high risk to their rights

 

This is a mandatory requirement under the NDPA.

 

12. Data Protection Officer (DPO)

 

MortFund appoints a *Data Protection Officer (DPO)* responsible for:

 

* Monitoring compliance with NDPA

* Handling data protection requests

* Acting as liaison with regulators

 

13. Children’s Privacy

 

* We do not knowingly collect data from individuals under 18

* Where applicable, parental or guardian consent is required

 

14. Cookies & Tracking Technologies

 

We use cookies to:

 

* Improve user experience

* Analyze platform usage

 

Users can manage cookie preferences through browser settings.

 

15. Compliance, Audits & Accountability

 

Where applicable, MortFund will:

 

* Conduct Data Protection Impact Assessments (DPIAs)**

* Maintain data processing records

* Submit compliance reports to NDPC where required

 

Organizations processing significant volumes of data may be required to register and file compliance audits annually.

 

16. Changes to This Policy

 

We may update this Privacy Policy to reflect:

 

* Regulatory changes (NDPA updates, NDPC guidance)

* Platform improvements

 

Users will be notified via website updates or email.

 

17. Contact Us

 

For privacy-related inquiries or to exercise your rights:

 

Office: Libra Plaza, 87–89 Baale Animashaun Road, Alakuko, Lagos, Nigeria

Email: support@mortfund.com

Phone: +234 802 387 4201

Website: https://mortfund.com