KasyKredit Logo
  • Home
  • Benefits
  • How It Works
  • FAQs
  • Contact
Download App Soon

Privacy Policy

Home Privacy Policy

PRIVACY POLICY

June 22, 2026

At KasyKredit, the privacy of our Data Subjects and their Personal Data is of utmost importance to us. In line with our resolution, we have developed this Privacy Policy to explain your privacy rights, particularly regarding how we collect, process, retain, share and protect your Personal Data when you use the KasyKredit mobile application, visit our website or premises, or otherwise use our services (collectively, "the Platform" or "Services").

KasyKredit is owned and operated by FLAGLA LENDING LTD (RC 8455713) ("KasyKredit", "we", "us" or "our"), a private company limited by shares incorporated under the Companies and Allied Matters Act 2020 and licensed to carry on the business of money lending under the Money Lenders Act (Cap. 512). This Privacy Policy between FLAGLA LENDING LTD and you constitutes our commitment to your continued privacy on all our platforms. It is designed to provide information regarding our privacy practices and to help you understand how we handle your data, in full compliance with the Nigeria Data Protection Act 2023 and other applicable data protection regulations.

1. Consent

When you access our Platform and give your consent upon such access, you accept this Privacy Policy; in particular, as you apply for and use the loan services offered on our mobile application and website, or visit any of our offices and submit your data for official or non-official purposes.

2. What Personal Data do we collect?

We collect Personal Data about you when you use the Services offered on our mobile application and website, including the following:

1. Sign-up information: When you register to use our Services, we will collect Personal Data as necessary to offer and fulfil the service you request. In line with regulatory requirements for Know Your Customer (KYC) purposes, we may require that you provide us with your name, gender, date of birth, marital status, facial photo, residential address (state, area and full address), ID information (photo, number), utility bill, email address, mobile number, social media handles, employment and income information, and the bank account details into which your loan will be disbursed and from which repayments will be collected. We will also require your NIN, BVN and/or TIN in line with regulation and in furtherance of our KYC computation processes.

2. We may also require you to provide additional, necessary personal details as you use our Services.

3. Loan information: When you use our Platform to apply for, receive and repay loans, we collect information about the transaction and other associated information necessary to offer and fulfil the service we are obliged to, such as the loan amount, repayment date, interest, loan product and tenure, disbursement and repayment bank account details, your KasyKredit borrower rating, repayment history, and information about your device and geolocation. We may cross-check your identity with third parties, including the person(s) you have provided as your reference/emergency contact, and with credit bureaus and other financial institutions. By registering for the Services, you authorize the collection and processing of the foregoing data.

4. Image Information: We may collect your image (upload, storage, and use) information to support account opening, such as uploading your portrait. We may also collect information from your images when you use our customer support to upload evidence such as bank statements. In addition, we may collect your image information in connection with regulatory KYC purposes.

5. Information from other sources: We may collect information from other sources, such as our social media platforms, when you reach out to us to lodge a complaint about our Services. We may also receive information about you from credit bureaus, financial institutions and other third parties to support credit and fraud decisions. We will only ask for information relevant to the help required of us.

6. When you apply for a job with us: We may request Personal Data about your education, employment and state of health. As part of your application, you will be asked to provide your express consent to our use of this information to assess your application and any monitoring activities which may be required of us under applicable laws as an employer. We may also carry out screening checks (including reference, background and criminal record checks). We may exchange your Personal Data with academic institutions, recruiters, health maintenance organisations, law enforcement agencies, referees and your previous employers. Without your Personal Data, we may not be able to process your application for positions with us.

7. We do not collect the information of minors: If you are under the age of 18, you are not eligible to use the Services offered on our Platform.

3. Device Permissions and Data We Access

To assess your loan eligibility, verify your identity, prevent fraud and operate the Services, our mobile application requests access to the following data on your device. You may grant or decline these permissions; declining some permissions may limit or prevent your use of certain Services. All data described below is encrypted and transmitted to our secure server via HTTPS.

1. SMS: With your consent, we access financial/transactional SMS messages in your inbox within the most recent three (3) months, including the sender number, sender name and message content. We use only financial-related messages.

  • Purpose: To identify and analyse your multi-lending behaviour, verify and track your financial transactions, detect fraud, and determine your credit limit based on your cash-flow patterns and repayment ability.
  • Storage and retention: SMS data is encrypted and uploaded to our secure server. Personal and non-financial messages are filtered out. Financial SMS data is deleted from our server after your loan eligibility has been assessed.
  • We will never share your SMS data with any third party.

2. Emergency / Reference Contacts: With your consent, we collect the emergency/reference contacts you provide to verify your identity and to support your loan application.

  • Purpose: Identity verification and reaching you in case of emergency.
  • These contacts will NOT be used for loan repayment/collection purposes, and your loan information will NOT be disclosed to them.

3. Phone and Device Information: We access information about your device, including your phone number, device name, model, region and language settings, device identifiers (such as IMEI and serial number), hardware and software information, IP address and usage habits.

  • Purpose: To uniquely identify your device and ensure that unauthorized devices do not act on your behalf, to prevent fraud.

4. Installed Applications: We access the list of applications installed on your device.

  • Purpose: To detect untrusted or malicious applications that may affect the security of your funds, for fraud prevention.

5. Camera: This permission allows you to take photos.

  • Purpose: To verify that KYC and account actions are performed by you and not by someone else (e.g. portrait/liveness checks).

6. Location (Geolocation): With your consent, we access your device location.

  • Purpose: Fraud prevention, identity verification and to meet regulatory requirements.

7. Storage: We access device storage to save and upload photos and documents.

  • Purpose: To allow pictures taken or documents selected by you to be saved locally and uploaded to our server for KYC and support.

8. Network, Battery and Diagnostics: We access network/WiFi status, battery level, and diagnostic data such as memory usage, crash and ANR information.

  • Purpose: To optimize application performance, improve network reliability and analyse application stability so we can give you a better experience.

Except for the third-party processing expressly described in Section 6 (Sharing your Personal Data), the data accessed through the permissions above is used internally by KasyKredit and is not shared with third parties.

4. How Do We Retain Personal Data?

We retain Personal Data in an identifiable format only for as long as required for our business purposes, with specific reference to the service rendered to you, and to fulfil our legal or regulatory obligations. Subject to applicable law, which might from time to time oblige us to retain your Personal Data for a certain period of time, we will retain your Personal Data for as long as necessary to fulfil the purposes we collected it for, including the purposes of satisfying any legal, accounting, or reporting obligations.

5. How Do We Process Personal Data?

We collect your Personal Data to provide you an efficient and secure customer experience. We may process your Personal Data for the following reasons:

1. Provide services, including to:

  • Generate your borrower profile and assess your loan application, eligibility and credit limit;
  • Disburse approved loans and collect repayments;
  • Authenticate your access to your account;
  • Communicate with you about your account and loans.
2. Manage risk, fraud and abuse of our Services and protect you from fraud (by developing and adopting measures of verifying your identity). Our risk and fraud tools use Personal Data, device information and geolocation from our Platform to help detect and prevent fraud and abuse of the Services. 3. Comply with our legal and regulatory obligations and enforce the terms of our Platform and Services, including to comply with all applicable laws and regulations. 4. Trail information breaches and remediate such identified breaches. 5. Resolve disputes and troubleshoot problems. 6. With your prior consent:
  • Market KasyKredit's products and services to you;
  • Use cookies to provide a targeted display, feature, service or offer to you;
  • Provide you with location-specific functionality if you authorize us to access your geolocation information through the Services.

We will not send unsolicited marketing communications to you by SMS or email if you have not opted in to receive them. Additionally, you may withdraw your consent at any time and free of charge.

6. Sharing your Personal Data

We do not sell your Personal Data to anyone for any purpose. We may share your Personal Data or other information about you with others only for the following reasons:
  • With our affiliates: We may share your Personal Data with our affiliates as necessary to enable the technical service you request, to manage risk through our risk model system, to prevent potentially illegal and fraudulent acts and violations of our policies and agreements, and to help us manage the connectivity of our Services.
  • With companies that provide services to us: We may share Personal Data with third-party service providers that perform services and functions at our direction and on our behalf. These third-party service providers may, for example, verify your identity, assist in processing disbursements and repayments, support credit scoring, recover debts, send you advertisements for our products and services, or provide customer support. We make sure that these companies have compliant, legal measures in place to ensure the security and confidentiality of your Personal Data.
  • With unaffiliated third-party service providers that offer functionality through our Platform, with your prior consent, to help complete the service you request.
  • With financial institutions and payment partners that we have partnered with to disburse loans, collect repayments and keep your financial information up to date.
  • With credit bureaus and data processors for credit reference checks, credit reporting, and anti-fraud and compliance purposes — all in accordance with applicable data privacy regulations and laws.
  • Where permitted or required by law. We may share information about you with other parties for KasyKredit's business purposes or as permitted or required by law, including:
  • If we need to do so to comply with a court proceeding, other legal process or an applicable regulation;
  • To law enforcement authorities, regulatory agencies or other government officials, or other third parties pursuant to a court order or other legal process or requirement applicable to KasyKredit or an affiliated entity;
  • Where we reasonably believe that the disclosure is necessary or appropriate to prevent imminent physical harm or financial loss or in connection with an investigation of suspected (or actual) illegal activity;
  • To investigate violations of or enforce a user agreement or other legal terms applicable to any service;
  • To protect our property, services and legal rights;
  • As reasonably and legally permitted, to facilitate a purchase or sale of all or part of KasyKredit's business, or in the instance of a merger or acquisition;
  • To support our audit, compliance, and corporate governance functions.
  • With your consent: We will also share your Personal Data and other information with your consent or direction.

We may also process anonymous and aggregated data to analyse product usage patterns and produce statistics. Such anonymous data does not allow you to be identified and may be shared with third parties.

7. How We Use Cookies

Cookies are small files placed on your device's browser that enable the website to identify your device as you view different pages. Like most interactive websites, our website uses cookies to track your activity for the duration of a session. Our website uses only encrypted session cookies which are erased either after a predefined timeout period or once you log out of the Platform and close the browser. Session cookies do not collect information from your device. They will typically store data in the form of a session identification that does not personally identify you. Certain aspects of our website are only available through the use of cookies, so your use of our website may be limited or not possible if you choose to disable or decline cookies. If you choose to decline the cookies, you may simply exit our website.

8. What Are Your Rights?

1. Requests to Access, Rectify or Erase

a. Access Request — As permitted under law and applicable data privacy regulations, you have the right to ask us whether we hold any Personal Data relating to you and, if we do, to be provided with a copy of that Personal Data in electronic form, unless you want to receive it in another way (for example, a paper copy). In addition, you can ask us for information on how we use your Personal Data, who we share it with, how long we keep it, where it is stored, and other information to help you understand how we use it.

b. Rectification Request — You have the right to ask us to correct your Personal Data (including by means of providing a supplementary statement) if it is inaccurate, or to update outdated or incomplete Personal Data without undue delay. Where we cannot correct the Personal Data, we will include a note on our files regarding your request.

c. Erasure Request — You have the right to ask us to erase your Personal Data if: i. Your Personal Data are no longer necessary for the purpose(s) they were collected for; ii. Your Personal Data have been unlawfully processed; iii. Your Personal Data must be erased to comply with a regulation; iv. You withdraw your consent for the processing of the Personal Data (and if this is the only basis on which we are processing your Personal Data); v. You object to the possession, provided there are no overriding legitimate grounds for continued processing; or vi. You object to processing for direct marketing purposes.

If we receive your erasure request, we will also take reasonable steps to inform other data controllers processing the data so they can seek to erase links to or copies of your Personal Data. We may refuse to act on your request to erase your Personal Data where the processing of your Personal Data is necessary: d. To exercise our right of freedom of expression and information; e. To comply with the relevant Nigerian laws and regulations; f. For the performance of a task carried out in the public interest or to exercise some official authority vested in us; g. To establish, exercise or defend legal claims; h. To comply with pertinent legal and regulatory directives.

In these cases, we can restrict the processing instead of erasing your Personal Data if requested to do so by you.

2. Requests to Object: You have the right to object at any time to the processing of your Personal Data if we process it based on our legitimate interests. This includes any so-called "profiling". Our privacy notice informs you when we rely on legitimate interests to process your Personal Data. In these cases, we will stop processing your Personal Data unless we can demonstrate compelling legitimate reasons for continuing the processing. We may reject your request if the processing of your Personal Data is needed to establish, exercise or defend legal claims. You have the right to object at any time if we process your Personal Data for direct marketing purposes. You may also object at any time to profiling supporting our direct marketing. In such cases, we will stop processing your Personal Data when we receive your objection.

3. Requests to Restrict: You have the right to ask us to restrict the processing of your Personal Data if: a. You contest the accuracy of your Personal Data and we are in the process of verifying the Personal Data we hold; b. The processing is unlawful and you do not want us to erase your Personal Data; c. We no longer need your Personal Data for the original purpose(s) of processing, but you need them to establish, exercise or defend legal claims and you do not want us to delete the Personal Data; or d. You have objected to processing carried out because of our legitimate interests while we verify if our legitimate grounds override yours.

If processing is restricted, we may process your Personal Data (except for storage purposes) only: e. If you have given us your consent; f. For establishing, exercising or defending legal claims; g. For protecting the rights of another natural or legal person; h. For reasons of important public interest as defined under the NDPA and relevant Nigerian laws; i. To comply with pertinent legal and regulatory directives.

Once processing is restricted following your request, we will inform you before we lift the restriction.

4. Requests for Portability: If our processing is performed by computer and is necessary to fulfil a contract with you, or is based on your consent, you have the right to: a. Receive any Personal Data you have provided to us in a structured, commonly used and machine-readable electronic format; b. Send your Personal Data to another organization or have us do so for you if it is technically feasible.

If your request relates to a set of Personal Data that also concerns other individuals, we may restrict the transfer to only the portion relevant to you, unless you establish that you have also obtained their consent.

5. Requests to Object to Automated Decisions: Generally, you have the right to object to any legal decision concerning you, or which otherwise significantly affects you, if this is based solely on the automated processing of your Personal Data. This includes automated decisions based on profiling. In such instance, you may undertake a legal process to prevent or advance your rights. Otherwise, we may refuse your request regarding such automated decisions where it is: a. Necessary to enter into a contract with you, or for the performance of your contract with us; b. Permitted by regulations; or c. Based on your explicit consent.

Our actions on the automated processing involving your sensitive Personal Data (where you have given your explicit consent or the processing is necessary for reasons of substantial public interest) are in complete compliance with the NDPA and relevant laws.

9. How to Delete Your Account and Data

You may stop using the Services and request deletion of your account and associated data at any time. You can do so through the in-app customer support, or by sending a request to help@kasykredit.com. To protect you, we will ask you to provide your account details and proof to verify and validate your identity; after verification, we will clear your account and related data, subject to any Personal Data we are required by law or regulation to retain (for example, loan and transaction records we must keep to satisfy legal, accounting or reporting obligations).

10. How Do We Protect Your Personal Data?

Security — We maintain technical, physical, and administrative security measures designed to provide reasonable protection for your Personal Data against loss, misuse, unauthorized access, disclosure, and alteration. The security measures include firewalls, data encryption, HTTPS transmission, physical access controls to our premises, CCTV cameras for public safety and quality control, as well as information access authorization controls. We restrict access to your Personal Data to authorized employees, contractors and agents who need it to process it for us and who are subject to strict contractual and technical safeguards.

Confidentiality — Your Personal Data is regarded as confidential and will not be divulged to any third party, except under legal and/or regulatory conditions. You have the right to request sight of, and copies of, any and all information we keep on you, if such requests are made in compliance with the Freedom of Information Act and other relevant enactments.

While we are dedicated to securing our systems and services and safeguarding the information entrusted to us, your role in fulfilling confidentiality duties includes, but is not limited to, adopting and enforcing appropriate security measures such as securing and maintaining the privacy of your password(s) and account/profile registration information, adherence to physical security protocols on our premises, and verifying that the Personal Data we maintain of you is accurate and current.

We will inform you of any breaches which may affect your Personal Data.

11. Remedies for Violation and Time-frame for Remedy

In the event of a violation of this policy, our Data Protection Officer shall within 7 days redress the violation. Where the violation pertains to the disclosure of your Personal Data without your consent, such information shall be retracted immediately, and confirmation of the retraction sent to you within 48 hours of the redress.

12. Governing Law

This Privacy Policy is made pursuant to the Nigeria Data Protection Act 2023, the Companies and Allied Matters Act 2020 (under which FLAGLA LENDING LTD, RC 8455713, is incorporated), the Money Lenders Act (Cap. 512) under which FLAGLA LENDING LTD is licensed to carry on the business of money lending, and any other relevant Nigerian laws, regulations or international conventions applicable to Nigeria.

13. Changes to our Privacy Policy

This Privacy Policy is reviewed periodically and whenever there is any substantial change to our business or regulatory requirements. The revised Privacy Policy will be effective as of the published updated date. At the minimum, we shall review this annually and communicate via our communication channels such as our website, social media accounts, etc. Your continued use of our Services after any such change constitutes your acceptance of the updated policy. If the revised version includes a substantial change, we may notify you of the change using email or other means.

14. Assignment on Merger or Acquisition

In the event that FLAGLA LENDING LTD undergoes a merger, acquisition, corporate reorganization, or sale of all or substantially all of its assets or business, all rights and obligations arising under this Privacy Policy shall automatically be assigned to, assumed by, and continue to be enforceable against and by the successor or acquiring entity, without the need for further consent from you. Such successor or acquiring entity shall be deemed substituted for FLAGLA LENDING LTD for all purposes under this Privacy Policy.

15. How Does Your Personal Data Move Globally?

Our operations are supported by a network of computers, cloud-based services and other infrastructure and information technology. Your Personal Data will be stored in Nigeria where we are providing Services to you, except where you provide your consent for your Personal Data to be processed outside Nigeria to enable us to process your transactions. Data are stored with appropriate encryption methods and security standards. We will protect your information as prescribed in this Privacy Policy if your Personal Data is transferred out of Nigeria. By using our Platform and Services, you consent to your Personal Data being transferred out of Nigeria to a jurisdiction which has adequate data protection laws as prescribed in the NDPA.

16. Contact Us

If you have any general questions or concerns about this Privacy Policy or the way in which we handle your Personal Data, kindly contact us via the details below:

FLAGLA LENDING LTD (KasyKredit)

Office Address: Blk D1, Flt 10, Millenium Housing Estate, Ijiaye, Lagos State, Nigeria.

Email: help@kasykredit.com

KasyKredit Logo

KasyKredit provides transparent, collateral-free instant loan solutions across Nigeria, helping you manage unexpected financial requirements.

Quick Links

  • Home
  • Benefits
  • How It Works
  • FAQs

Office Contact

  • Blk D1, Flt 10, Millenium Housing Estate, Ijiaye, Lagos State, Nigeria
  • help@kasykredit.com

© 2026 FLAGLA LENDING LTD. KasyKredit is a registered trademark. All rights reserved.

Privacy Policy Terms of Service