OkadaNaira Privacy Policy
At OkadaNaira, operated by Plano Lending Limited, we value your privacy and are committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, store, and disclose your information when you use our mobile application (“App”) and related services (“Services”).
1. Applicability and User Consent
This Privacy Policy governs the use of personal data by OkadaNaira, and applies to all users who access, install, register for, or interact with our services within Nigeria.
By using our mobile application or any related services, you expressly:
Confirm that you have read, understood, and accepted the terms of this Privacy Policy;
Provide your informed, specific, and voluntary consent for the collection, use, storage, and processing of your personal data as described herein;
Acknowledge that your continued use of our services after any updates to this Privacy Policy constitutes your acceptance of those changes.
If you are accessing our services from outside Nigeria, it is your responsibility to ensure that such access is lawful under your local data protection and regulatory laws. We do not guarantee compliance with foreign regulations outside our operational jurisdiction.
2. Categories of Personal Data Collected
We collect specific categories of personal data with your knowledge and consent, either directly from you or automatically through your device. This data enables us to assess loan eligibility, enhance user experience, and comply with legal and regulatory obligations.
Identity and Contact Information
Full legal name, date of birth, gender, marital status
Educational background and residential address
Phone number, email address, and messaging platform IDs (e.g., WhatsApp)
Emergency contact details: full name, relationship, and mobile number
Employment and Financial Information
Employment status, job category, industry, and work experience
Monthly income and income frequency
Bank account number, bank name, and Bank Verification Number (BVN)
Device and Technical Information
Device model, operating system version, unique device identifiers (e.g., Android ID)
IP address, language preference, time zone, and screen resolution
Mobile network details, signal strength, battery level, RAM, and storage capacity
Behavioral and Transactional Data
Loan application history and submission details
Credit approval outcomes and repayment behavior
In-app activity, usage patterns, and engagement metrics
Information from credit bureaus, identity verification (KYC) providers, and public records
Social metadata (where permitted), such as social profile verification or limited account insights.
3. Sensitive Permissions and Information Access
We are committed to the principles of data minimization, user transparency, and explicit consent. We only request access to specific device permissions when strictly necessary to deliver and optimize our services. Each permission is disclosed in advance and requires your affirmative authorization.
Permissions We Do Not Collect or Use
To protect your privacy and limit unnecessary data collection, OkadaNaira does not access or process the following device data types:
Precise GPS location
Photo gallery, file storage, or media library
Microphone or audio recordings
Contacts, call logs, or call history
Calendar, browser history, or list of installed apps
Biometric data, except when explicitly authorized during e-KYC
These permissions are not required for the functioning of our services and are never requested.
4. Permissions We May Request (With Consent)
We may request access to the following data categories to support specific service functionalities. All such access is strictly conditional upon your prior, explicit consent.
SMS Permission
Objective: To enhance credit risk assessment through limited financial SMS analysis.
Filtering condition:
Including sender information, timestamps and financial-related keywords sms, such as credit, wallet, naira, money, kash, cash, moni, lend, loan, repay, bank, trans, disburse, ngn, acc, bal, debit, debt, borrow, risk, deposite, installment, amt, amount, limit, interest, rate, ngn, fund, quot, ₦, default, due, settle, expire, mature, collect, Lien, Balloon, Escrow, Forbearance, Term Sheet, Drawdown, Refi, Hard Pull, DSCR, ARM, Secured Note, Capital Call, Charge-Off, Subprime, Principal Balance.
Excluding messages from personal contacts (e.g. +234 number) are not included. Excluding non-financial content (such as shopping, education, entertainment, healthcare). Excluding notifications of telecommunications services (e.g., MTN, Airtel, Glo, 9Mobile).
Secure transmission and storage: All financial-related SMS data is transmitted to our server (okadanaira.com) using a secure encryption protocol. Sensitive information will be obfuscated in real time to ensure that no original personal identity information is leaked during transmission or storage.
Strict data confidentiality: SMS data related to finance will never be shared with any third party or external institution. The risk management system only outputs assessment results that cannot be traced back to the original content.
Data lifecycle management: The system will anonymize the data and retain it for up to 120 days to assist in fraud investigations and dispute resolution. After that, it will be permanently deleted. If you wish to delete SMS messages, please contact our online customer service within the app. We will complete the deletion within three business days.
Access to your device's camera may be requested for the following secured, limited-use cases:
Identity Verification: Capture of your photo and official ID for KYC purposes
Biometric Checks: Facial authentication to prevent fraud and account impersonation
Security Measures: All captured images are encrypted in transit and at rest, and stored securely on our servers.
With your approval, we may access your device’s approximate location (not GPS-precise) to:
Assess Risk: Validate regional consistency between stated and actual location
Prevent Fraud: Identify potentially suspicious login or usage patterns
Note: Real-time tracking is not performed. Location access is optional and can be disabled at any time.
Advertising Identifier (AD_ID)
We may use your device’s Advertising Identifier (AD_ID) for analytics and campaign attribution, solely for the following purposes:
Attribution: Measure marketing campaign effectiveness (e.g., Facebook, Google Ads)
Performance Analytics: Assess the quality and cost-efficiency of customer acquisition channels
Privacy Assurance: AD_ID is not linked to personal identifiers and can be reset or disabled by you at any time via device settings.
We may access network connectivity status to:
Ensure App Functionality: Confirm your device is online before processing transactions
Enhance Risk Management: Detect risky behaviors such as VPN or proxy use
Note: We do not access browsing history, installed apps, or unrelated network activity.
Use of Software Development Kits (SDKs)
Our application integrates with the AppsFlyer SDK, developed by AppsFlyer Ltd and officially listed in the Google Play SDK Console, for attribution and analytics purposes.
Data Collected via AppsFlyer SDK
Advertising Identifier (e.g., Google AD_ID)
Approximate location data
In-app user activity (e.g., page visits, button clicks)
App performance metrics (e.g., crash logs, diagnostics)
Track app installations and activations
Measure app usage sessions
Log in-app events (e.g., purchases or form submissions)
Evaluate user quality and advertising ROI
All data transmitted through the SDK is encrypted using end-to-end protocols. We do not use the SDK to collect precise GPS locations, personal messages, contact lists, or any sensitive personal content.
Firebase SDK
We use the Firebase SDK provided by Google LLC to monitor app performance and diagnose technical issues. This helps us ensure a stable and responsive experience for users.
The SDK may collect
Device-specific information (e.g., Android ID)
Crash logs and diagnostic data (e.g., OS version, device model, memory usage)
In-app event data (e.g., form submission errors, loan initiation)
Purpose of SDK Usage
Detect and resolve app crashes or loading failures
Improve overall app stability and performance
Optimize critical user journeys, such as loan applications
Data Protection
All data transmission is end-to-end encrypted
No access to biometric data, financial information, or precise location
Users can opt out of diagnostic reporting via device settings or Firebase’s consent tools
For more details, please refer to Google’s Privacy Policy: https://policies.google.com/privacy
Google Play Integrity API Integration
To enhance our App’s security and protect users and our services from fraud, unauthorized tampering, and illegal access, we integrate the Google Play Integrity API (hereinafter referred to as the "API"). This section supplements the aforementioned SDK and data processing terms, briefly outlining its purpose and the use of services provided by Google.
Purpose of Integration: The API is exclusively used to verify the App’s integrity, confirm it runs in a secure environment, and validate its distribution through official channels (Google Play Store), aiming to prevent fraud and security risks. It is not used for user behavior analysis, targeted advertising, or other non-security-related purposes.
Data Processing: The collection and processing of information required for verification are conducted directly by Google, in accordance with Google’s Privacy Policy and the API’s Terms of Service. We only receive verification results (e.g., "Integrity confirmed" or "Risk detected") without storing raw data or sharing it with third parties.
5. How We Use Your Information
We process the information we collect for the following legitimate and clearly defined purposes:
Identity Verification and Fraud Prevention: To confirm your identity and protect against unauthorized access, identity theft, and fraudulent activities.
Credit Assessment and Loan Disbursement: To evaluate your creditworthiness, determine loan eligibility, and facilitate secure loan disbursement to your bank account.
Communication and Notifications: To send you important updates, loan offers, payment reminders, and service-related notifications via SMS, email, or in-app messaging.
Payment Processing and Collections: To process loan repayments, manage billing operations, and initiate collections where applicable.
Legal and Regulatory Compliance: To fulfill obligations under applicable financial, anti-money laundering (AML), and data protection laws and regulations.
User Experience and App Optimization: To analyze usage behavior and feedback in order to enhance app performance, usability, and service offerings.
Customer Support and Dispute Resolution: To provide responsive customer service, address inquiries, and resolve any issues or complaints in a timely manner.
Google Play Integrity API-Related Security: To use the verification results from the Google Play Integrity API to maintain App security, prevent tampering or piracy, and protect against fraudulent activities, as detailed in Section 3.4 (Google Play Integrity API Integration).
6. Data Sharing and Disclosure
At OkadaNaira, we do not sell or rent your personal data to any third parties. However, we may share your information under the following circumstances, always subject to strict confidentiality and security obligations:
Authorized Service Providers: With vetted third parties who assist in providing our services (e.g., credit bureaus, KYC/AML providers, payment processors, cloud services, and analytics platforms).
Regulatory and Legal Requirements: With regulatory authorities, law enforcement, or courts where required by applicable law, regulation, or legal process.
Debt Recovery Partners: With licensed debt recovery agents or legal firms in cases of overdue repayments, strictly for collection purposes.
Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of the business transaction.
All third-party partners are contractually bound to handle your data securely and use it only for the intended, agreed-upon purposes.
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. Specifically:
Your data may be retained for up to 5 years after your relationship with OkadaNaira ends.
This retention supports:
Legal, regulatory, and audit compliance
Fraud detection, dispute resolution, and enforcement of our agreements
Historical analysis or internal reporting (in anonymized form)
After this retention period, or once the data is no longer necessary, we will securely delete, anonymize, or de-identify your personal information in accordance with applicable data protection regulations.
8. Security of Your Information
We take data security seriously and have implemented robust technical, administrative, and physical safeguards to protect your information, including:
End-to-end encryption of sensitive data during transmission and in storage
Access controls and secure authentication mechanisms
Regular security audits, system monitoring, and vulnerability assessments
While we take every reasonable measure to safeguard your data, no system is completely immune to risk. In the event of a security incident, we will respond promptly and, where applicable, notify affected users and authorities.
As a data subject, you have the following rights regarding your personal information:
Access: Request access to the data we hold about you
Correction: Request updates to inaccurate, incomplete, or outdated data
Consent Management: Withdraw previously granted permissions (e.g. camera access)
Deletion: Request deletion of your account and associated personal data (subject to loan clearance)
To exercise any of these rights, please contact us at support@okadanaira.com. We aim to respond within a reasonable timeframe, in accordance with applicable laws.
Our services are intended only for individuals aged 18 years and above. We do not knowingly collect personal data from children. If we become aware of any such collection, we will delete the information promptly.
11. Third-Party Links and Services
Our App may contain links to external websites or third-party services. These are provided for your convenience; however, we do not control their content or privacy practices. We encourage you to review the privacy policies of those entities before submitting any personal data.
12. International Data Transfers
Although OkadaNaira operates within Nigeria, certain data may be processed or stored on secure servers located in other jurisdictions by authorized service providers. In such cases, we ensure that:
Appropriate contractual safeguards are in place
Data protection standards equivalent to Nigerian law (e.g., NDPR) are maintained
Cross-border processing complies with applicable legal frameworks
We may revise this Privacy Policy periodically to reflect changes in technology, legal requirements, or business operations. If any material changes occur:
We will notify you through in-app messages, email, or other appropriate channels
Continued use of our App after updates signifies your acceptance of the revised policy
We recommend reviewing this policy regularly for the latest information on our privacy practices.
14. Governing Law and Dispute Resolution
This Privacy Policy shall be interpreted and enforced in accordance with the laws of the Federal Republic of Nigeria. Any disagreement or claim arising in relation to this Policy will be addressed through the following procedures:
Informal Resolution: In the event of a dispute, both parties agree to engage in good-faith discussions and make reasonable efforts to resolve the issue within thirty (30) days from the date of written notification.
Legal Action: If a mutual resolution cannot be reached, the matter shall be referred to and settled by the courts of competent jurisdiction in Lagos State, Nigeria, in accordance with applicable Nigerian law.
We appreciate your trust in OkadaNaira, and we remain fully committed to protecting your data and handling your information with the highest level of integrity and security.
If you have questions, feedback, or wish to exercise your privacy rights, please contact our support team:
Email: support@okadanaira.com
Service Hours: Monday to Friday, 9:00 AM – 6:00 PM
Address: 68 Coker Street, College Road, Ifako Ijaye, Agege, Lagos, Nigeria
We are committed to addressing your concerns in a prompt and respectful manner.