Effective Date: December 03, 2025 • Last Updated: February 17, 2026

1. Introduction

Packet Digital Solutions Limited (trading as Packet Africa) operates software that helps creators and educators accept payments from students and fans online. This Privacy Policy explains how we collect, use, share and protect your personal information when you use the Service.

We are a technology company registered with the CAC Nigeria. We do not process payments or hold funds — all financial processing is handled exclusively by our licensed banking partners (including but not limited to Monnify, a product of Moniepoint Inc.).

By using the Service you consent to the practices described in this Policy.

For questions contact our Data Protection Officer at privacy@packetafrica.com.

2. Information We Collect

We collect personal data that identifies, relates to, or could reasonably be linked to you ("Personal Data"). Categories include:

• Identity and Contact Data: Full name, date of birth, gender, nationality, email address, phone number, postal address, username, password, and profile information.
• KYC and Verification Data: Government-issued ID (e.g., passport, driver's license, national ID), bank verification number (BVN), selfies or photos for verification, business registration details, and other documents for Know Your Customer (KYC) compliance.
• Financial and Transaction Data: Bank account details, payment card information, transaction history, amounts, references, wallet balances, payout details, and referral information.
• Technical and Usage Data: IP address, browser type, device information, location data, access times, pages viewed, links clicked, and interaction data (for example, via cookies and web beacons).
• Marketing and Communication Data: Preferences for receiving marketing, survey responses, and communication records (such as emails, chats, and calls).
• Product-Specific Data: For Events: attendee names, emails, phone numbers; For Voting: voter details; For Storefront/Invoicing: customer billing information; For Show Me Love: donor details.
• Sensitive Data: We do not routinely collect sensitive data (such as racial or ethnic origin, religious beliefs, biometric data except for verification selfies, or health data). If such data is collected (for example, for KYC), we obtain explicit consent and apply enhanced protections.

We also collect aggregated or anonymized data that does not identify you.

3. How We Collect Your Information

We collect Personal Data in the following ways:

• Directly from You: When you register an account, complete KYC, create payment links, storefronts, or events, make or receive payments, contact support, subscribe to newsletters, or otherwise interact with our Service.
• Automatically: Through cookies, log files, and similar tracking technologies when you use the Service. You can manage cookie preferences via your browser settings, but this may limit certain functionality.
• From Third Parties: From payment providers (for example, Monnify), fraud prevention agencies, credit bureaus, analytics providers, and public sources for verification and compliance.
• From Your Interactions: When you upload content, participate in voting or events, or communicate with us via our channels.

4. How We Use Your Information

We use your Personal Data for the following purposes, based on legal bases such as consent, performance of a contract, legal obligations, or legitimate interests:

• Service Provision: To create and manage accounts, process payments and transactions, facilitate payouts, verify identity, and provide our products (for example, generate QR codes for events or track votes).
• Compliance and Risk Management: For KYC, anti-money laundering (AML), fraud detection, sanctions screening, and regulatory reporting.
• Security and Improvement: To detect and prevent unauthorized access, monitor usage, analyze trends, improve the Service, and personalize experiences.
• Communications: To send transaction alerts, service updates, marketing communications (with opt-out options), and to respond to your inquiries.
• Legal Obligations: To comply with applicable laws, respond to competent authorities, and resolve disputes.
• Marketing and Analytics: To send promotions (where permitted), conduct surveys, and perform data analytics (often in aggregated or anonymized form).
• Growth & Referral Communications: To send you marketing emails, referral program opportunities, partnership announcements, product updates, and educational content designed to help you grow your business. You consent to these communications upon account creation and may opt out at any time.
• Fraud Detection, Prevention and Regulatory Compliance: To detect, investigate, prevent and respond to fraudulent transactions (including vote manipulation in Voting Links), suspicious activity, and to fulfil our obligations to regulators and payment partners. This may include sharing relevant transaction and user data with our licensed partners and authorities.
• Other Internal Uses: For internal operations, auditing, and enforcing our Terms and policies.

We do not use automated decision-making that significantly affects you without human review.

5. Sharing Your Information

We share Personal Data only as necessary:

• With Affiliates and Service Providers: For processing (such as cloud storage, analytics, customer support), under strict confidentiality agreements.
• With Partners: Payment processors (for example, Monnify), banks, fraud prevention services, and KYC providers.
• Regulatory and Law Enforcement Authorities: When we reasonably suspect fraud, illegal activity, vote manipulation, or to comply with legal obligations, we may disclose your information to the Central Bank of Nigeria, law enforcement agencies, or our payment partners (including Monnify/Moniepoint).
• For Compliance: With regulators, law enforcement, or auditors to meet legal requirements (for example, Central Bank of Nigeria obligations).
• In Business Transfers: If we merge, acquire, or sell assets, your data may be transferred, subject to appropriate safeguards and notice.
• With Your Consent: For marketing or other specified purposes where you have provided consent.
• Aggregated and Anonymized Data: For research, analytics, or statistics, without identifying you.

We do not sell your Personal Data.

6. International Data Transfers

Your data is primarily processed in Nigeria. If it is transferred internationally (for example, to cloud providers or partners in other countries), we ensure adequate protections through contracts, adequacy decisions, or other mechanisms that comply with the Nigeria Data Protection Regulation (NDPR) and applicable laws.

7. Data Security

We implement appropriate technical, organizational, and administrative measures to protect your data, including encryption (such as SSL/TLS), access controls, firewalls, and regular security reviews. However, no system is completely secure, and we cannot guarantee absolute security.

In the unlikely event of a data breach that affects your rights or freedoms, we will notify you and relevant authorities as required by NDPR and other applicable laws.

8. Data Retention

We retain Personal Data only for as long as necessary to fulfill the purposes described in this Policy or as required by applicable law. For example, financial records may be retained for up to seven (7) years under anti-money laundering (AML) and tax regulations.

After the applicable retention period, we will either delete your Personal Data securely or anonymize it so that it can no longer be associated with you.

9. Your Rights Under NDPR

Under the Nigeria Data Protection Regulation (NDPR) and similar data protection frameworks, you may have the following rights:

• Access: Request copies of the Personal Data we hold about you.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your data in certain circumstances, such as where it is no longer needed or where you withdraw consent.
• Restriction or Objection: Request that we restrict processing or object to certain processing activities, including direct marketing.
• Portability: Request that we provide your data in a structured, commonly used, and machine-readable format.
• Withdraw Consent: You may withdraw consent for marketing communications at any time by clicking the "unsubscribe" link in any marketing email or by contacting privacy@packetafrica.com. Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.
• Complaint: Lodge a complaint with us or with the Nigeria Data Protection Commission (NDPC).

To exercise any of these rights, please email us at privacy@packetafrica.com. We aim to respond within thirty (30) days and will not charge a fee unless your request is excessive, repetitive, or manifestly unfounded. We may ask you to verify your identity before responding.

10. Children's Privacy

Our Service is not intended for children under the age of 18, and we do not knowingly collect Personal Data from minors. If we become aware that we have collected data from a child under 18, we will take steps to delete such information promptly.

If you believe that a child has provided us with Personal Data, please contact us immediately at privacy@packetafrica.com.

11. Cookies and Tracking

We use cookies and similar tracking technologies to operate and improve the Service. Cookies help us remember your preferences, understand how you use the platform, and deliver more relevant content and marketing.

You can manage or disable cookies through your browser settings. However, some cookies are essential for the Service to function and cannot be disabled without affecting core features. For more detailed information on how we use cookies and how you can manage them, please review our dedicated Cookie Policy.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you via email, through the Service, or by updating the "Last Updated" date at the top of this page.

Your continued use of the Service after any changes become effective constitutes your acceptance of the updated Policy.

13. Contact Us

If you have questions, concerns, or complaints about this Privacy Policy or our data practices, you can reach our Data Protection Officer at:

• Data Protection Officer
• Email: privacy@packetafrica.com
• Address: Lagos, Nigeria
• Website: https://www.packetafrica.com

If you are not satisfied with our response, you may contact the Nigeria Data Protection Commission (NDPC) at https://ndpc.gov.ng/.