PRIVACY POLICY, TERMS AND CONDITIONS FOR SUNBEAM MFB LTD MOBILE APP
I’ll create comprehensive, Nigeria-compliant Privacy Policy and Terms & Conditions documents for Sunbeam MFB Ltd’s mobile app, based on regulatory requirements from the Central Bank of Nigeria (CBN) and the Nigeria Data Protection Regulation (NDPR).
PRIVACY POLICY FOR SUNBEAM MFB LTD MOBILE APP
Last Updated: June 22, 2026
- INTRODUCTION
This Privacy Policy describes how Sunbeam Microfinance Bank Limited (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you use our mobile banking application (the “App“).
By downloading, installing, and using the App, you consent to the practices described in this Privacy Policy. We are committed to protecting your privacy and ensuring the security of your personal information in compliance with applicable data protection laws, including:
- Nigeria Data Protection Regulation (NDPR) 2019
- Nigeria Data Protection Act 2023
- Central Bank of Nigeria (CBN) Banking and Financial Regulations
- Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) Requirements
- INFORMATION WE COLLECT
2.1 Personal Information
When you register for and use our App, we collect the following personal information:
|
Category |
Information Collected |
|
Identity Information |
Full name, date of birth, gender, nationality |
|
Contact Information |
Phone number, email address, residential address |
|
Government-Issued Identification |
National Identification Number (NIN), Bank Verification Number (BVN), passport photograph, driver’s license or International passport |
|
Financial Information |
Account details, transaction history, account balances, loan information |
|
Biometric Data |
Facial recognition data, fingerprint data (for KYC verification and authentication) |
|
Photographs |
Selfie images and ID document photos for identity verification |
2.2 Device Information
We automatically collect device information:
- Device Identifiers: Unique device ID generated for your device
- Device Details: Device name, model, brand, manufacturer
- Operating System: OS name and version (iOS/Android)
- Application Information: App version and build number
2.3 Location Information
With your consent, we collect:
- Geographic Location: Latitude and longitude coordinates (collected once during device registration for security verification)
- Location Accuracy: Precision level of location data
2.4 Network Information
- IP Address: Your device’s Internet Protocol address
- Network Type: WiFi or cellular network status
2.5 Usage and Analytics Data
- Transaction Data: Details of financial transactions you perform
- App Usage Patterns: Features used, screens visited, interaction timestamps
- Error and Diagnostic Logs: Technical information to identify and fix issues
- HOW WE USE YOUR INFORMATION
We use collected information for the following purposes:
3.1 Security and Fraud Prevention
- Verifying your identity during registration and login
- Detecting and preventing fraudulent activities
- Securing your account through biometric authentication
- Monitoring for suspicious activities
3.2 Service Delivery
- Processing your financial transactions
- Providing customer support
- Sending transaction notifications and alerts
- Enabling push notifications for account updates
3.3 Regulatory Compliance
- Complying with Know Your Customer (KYC) requirements
- Meeting Anti-Money Laundering (AML) obligations
- Fulfilling reporting requirements to regulatory authorities
- Maintaining required records for audit purposes
3.4 Service Improvement
- Analyzing app performance and user experience
- Troubleshooting technical issues
- Developing new features and services
3.5 Communication
- Sending service-related notifications
- Providing security alerts
- Delivering promotional communications (with your consent)
- HOW WE SHARE YOUR INFORMATION
We may share your information with:
4.1 Regulatory Bodies and Government Agencies
- Central Bank of Nigeria (CBN)
- Nigeria Deposit Insurance Corporation (NDIC)
- Nigeria Data Protection Commission (NDPC)
- Financial Intelligence Unit (NFIU)
- Other regulatory authorities as required by law
4.2 Identity Verification Partners
- Third-party KYC service providers for BVN validation, NIN verification, and facial recognition
4.3 Service Providers
- Cloud hosting providers for data storage
- Payment processing partners
- Analytics providers
- Customer support platforms
4.4 Legal Requirements
We may disclose your information when required to:
- Comply with legal obligations
- Respond to lawful requests from law enforcement
- Protect our rights, privacy, safety, or property
- Prevent or investigate possible wrongdoing
We do not sell your personal information to third parties.
- DATA SECURITY
We implement robust security measures to protect your personal information:
5.1 Technical Safeguards
- Encryption: All data encrypted in transit using TLS/SSL protocols and at rest using industry-standard encryption
- Secure Storage: Sensitive data stored in secure, encrypted storage on your device
- Biometric Authentication: Optional fingerprint and Face ID authentication
- Device Registration: Unique device identification to prevent unauthorized access
5.2 Organizational Measures
- Access controls limiting who can view your data
- Regular security audits and assessments
- Staff training on data protection
- Incident response procedures
- DATA RETENTION
We retain your personal information for as long as:
- Your account remains active
- Necessary to provide our services
- Required by applicable laws and regulations (minimum 6 years for financial records as required by CBN guidelines)
- Needed for legitimate business purposes
After these periods, your data will be securely deleted or anonymized.
- YOUR RIGHTS
Under applicable data protection laws, you have the following rights:
|
Right |
Description |
|
Right to Access |
Request a copy of personal information we hold about you |
|
Right to Rectification |
Request correction of inaccurate or incomplete personal information |
|
Right to Deletion |
Request deletion of your personal information (subject to legal retention requirements) |
|
Right to Restriction |
Request restriction of processing your personal data |
|
Right to Portability |
Receive your data in a structured, commonly used format |
|
Right to Object |
Object to certain types of processing, including direct marketing |
|
Right to Lodge Complaint |
File a complaint with the Nigeria Data Protection Commission |
To exercise these rights, contact our Data Protection Officer using the information below.
- COOKIES AND TRACKING TECHNOLOGIES
The App may use:
- Analytics Tools: To understand app usage patterns
- Session Tokens: To maintain your authenticated session
- Local Storage: To store preferences and improve performance
- THIRD-PARTY LINKS
The App may contain links to third-party websites or services. We are not responsible for the privacy practices of these external sites. Review their privacy policies before use.
- CHILDREN’S PRIVACY
Our App is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will delete such information.
- CHANGES TO THIS PRIVACY POLICY
We may update this Privacy Policy from time to time. We will notify you of material changes by:
- Posting the updated policy in the App
- Sending you a notification
- Displaying a prominent notice within the App
Your continued use of the App after modifications constitutes acceptance of the updated Privacy Policy.
- CONTACT US
If you have questions regarding this Privacy Policy or our data practices:
Sunbeam Microfinance Bank Limited
- Email: info@sunbeammfb.com
- Data Protection Officer: adewuyi@sunbeammfb.com
- Phone: +234 810 177 6289
- Address: 1 Ugbonhan Street, Efon-Alaaye, Ekiti State, Nigeria
Regulatory Information:
This App and its services are regulated by:
- Central Bank of Nigeria (CBN)
- Nigeria Data Protection Commission (NDPC)
- CONSENT
By downloading, installing, and using this App, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with any part, please do not use the App.
This Privacy Policy is effective as of June 22, 2026.
