Privacy Policy
At OkadaNaira, operated by Plano Lending Limited, we value your privacy and are committed to protecting the personal information you share with us. This Privacy Policy explains how we collect, use, store, and disclose your information when you use our mobile application (“App”) and related services (“Services”).
This Privacy Policy governs the use of personal data by OkadaNaira, and applies to all users who access, install, register for, or interact with our services within Nigeria.
By using our mobile application or any related services, you expressly:
Confirm that you have read, understood, and accepted the terms of this Privacy Policy;
Provide your informed, specific, and voluntary consent for the collection, use, storage, and processing of your personal data as described herein;
Acknowledge that your continued use of our services after any updates to this Privacy Policy constitutes your acceptance of those changes.
If you are accessing our services from outside Nigeria, it is your responsibility to ensure that such access is lawful under your local data protection and regulatory laws. We do not guarantee compliance with foreign regulations outside our operational jurisdiction.
we collect specific categories of personal data with your knowledge and consent, either directly from you or automatically through your device. This data enables us to assess loan eligibility, enhance user experience, and comply with legal and regulatory obligations.
Identity and Contact Information
Full legal name, date of birth, gender, marital status
Educational background and residential address
Phone number, email address, and messaging platform IDs (e.g., WhatsApp)
Emergency contact details: full name, relationship, and mobile number
Employment and Financial Information
Employment status, job category, industry, and work experience
Monthly income and income frequency
Bank account number, bank name, and Bank Verification Number (BVN)
Device and Technical Information
Device model, operating system version, unique device identifiers (e.g., Android ID)
IP address, language preference, time zone, and screen resolution
Mobile network details, signal strength, battery level, RAM, and storage capacity
Behavioral and Transactional Data
Loan application history and submission details
Credit approval outcomes and repayment behavior
In-app activity, usage patterns, and engagement metrics
Third-Party and Social Data
Information from credit bureaus, identity verification (KYC) providers, and public records
Social metadata (where permitted), such as social profile verification or limited account insights.
We are committed to the principles of data minimization, user transparency, and explicit consent. We only request access to specific device permissions when strictly necessary to deliver and optimize our services. Each permission is disclosed in advance and requires your affirmative authorization.
Permissions We Do Not Collect or Use
To protect your privacy and limit unnecessary data collection, OkadaNaira does not access or process the following device data types:
Precise GPS location
Photo gallery, file storage, or media library
Microphone or audio recordings
Contacts, call logs, or call history
Calendar, browser history, or list of installed apps
Biometric data, except when explicitly authorized during e-KYC
These permissions are not required for the functioning of our services and are never requested.
Permissions We May Request (With Consent)
We may request access to the following data categories to support specific service functionalities. All such access is strictly conditional upon your prior, explicit consent.
Financial SMS Access
With your permission, OkadaNaira may access selected SMS messages for the purpose of enhancing credit risk evaluation. This access is governed by strict filtering and privacy controls:
Access Duration: Limited to SMS received within the past 6 months (180 days)
Message Volume: A maximum of 2,000 messages may be processed
Data Extracted: Timestamp, sender name, and financial keyword-based content only
Inclusion Criteria: Messages containing financial-related terms such as loan, cash, wallet, naira, repay, credit, bank transfer, etc.
Exclusion Criteria:
Messages from personal contacts (e.g., +234 numbers)
Messages unrelated to finance (e.g., education, shopping, entertainment, health, etc.)
Messages from telecom providers (e.g., MTN, Airtel, Glo, 9Mobile)
Usage: Filtered financial SMS data is used exclusively to improve credit risk assessment models. Raw SMS data is neither stored nor shared with any third party.
Control: You may revoke this permission at any time through your device settings. Consent withdrawal takes effect immediately and does not impact your access to core features.
Camera Access
Access to your device's camera may be requested for the following secured, limited-use cases:
Identity Verification: Capture of your photo and official ID for KYC purposes
Biometric Checks: Facial authentication to prevent fraud and account impersonation
Security Measures: All captured images are encrypted in transit and at rest, and stored securely on our servers.
Approximate Location Access
With your approval, we may access your device’s approximate location (not GPS-precise) to:
Assess Risk: Validate regional consistency between stated and actual location
Prevent Fraud: Identify potentially suspicious login or usage patterns
Note: Real-time tracking is not performed. Location access is optional and can be disabled at any time.
Advertising Identifier (AD_ID)
We may use your device’s Advertising Identifier (AD_ID) for analytics and campaign attribution, solely for the following purposes:
Attribution: Measure marketing campaign effectiveness (e.g., Facebook, Google Ads)
Performance Analytics: Assess the quality and cost-efficiency of customer acquisition channels
Privacy Assurance: AD_ID is not linked to personal identifiers and can be reset or disabled by you at any time via device settings.
Network Connectivity
We may access network connectivity status to:
Ensure App Functionality: Confirm your device is online before processing transactions
Enhance Risk Management: Detect risky behaviors such as VPN or proxy use
Note: We do not access browsing history, installed apps, or unrelated network activity.
Use of Software Development Kits (SDKs)
Our application integrates with the AppsFlyer SDK, developed by AppsFlyer Ltd and officially listed in the Google Play SDK Console, for attribution and analytics purposes.
Data Collected via AppsFlyer SDK:
Advertising Identifier (e.g., Google AD_ID)
Approximate location data
In-app user activity (e.g., page visits, button clicks)
App performance metrics (e.g., crash logs, diagnostics)
Purpose of SDK Usage
Track app installations and activations
Measure app usage sessions
Log in-app events (e.g., purchases or form submissions)
Evaluate user quality and advertising ROI
All data transmitted through the SDK is encrypted using end-to-end protocols. We do not use the SDK to collect precise GPS location, personal messages, contact lists, or any sensitive personal content.
We process the information we collect for the following legitimate and clearly defined purposes:
Identity Verification and Fraud Prevention
To confirm your identity and protect against unauthorized access, identity theft, and fraudulent activities.
Credit Assessment and Loan Disbursement
To evaluate your creditworthiness, determine loan eligibility, and facilitate secure loan disbursement to your bank account.
Communication and Notifications
To send you important updates, loan offers, payment reminders, and service-related notifications via SMS, email, or in-app messaging.
Payment Processing and Collections
To process loan repayments, manage billing operations, and initiate collections where applicable.
Legal and Regulatory Compliance
To fulfill obligations under applicable financial, anti-money laundering (AML), and data protection laws and regulations.
User Experience and App Optimization
To analyze usage behavior and feedback in order to enhance app performance, usability, and service offerings.
Customer Support and Dispute Resolution
To provide responsive customer service, address inquiries, and resolve any issues or complaints in a timely manner.
5. Data Sharing and Disclosure
At OkadaNaira, we do not sell or rent your personal data to any third parties. However, we may share your information under the following circumstances, always subject to strict confidentiality and security obligations:
Authorized Service Providers: With vetted third parties who assist in providing our services (e.g., credit bureaus, KYC/AML providers, payment processors, cloud services, and analytics platforms).
Regulatory and Legal Requirements: With regulatory authorities, law enforcement, or courts where required by applicable law, regulation, or legal process.
Debt Recovery Partners: With licensed debt recovery agents or legal firms in cases of overdue repayments, strictly for collection purposes.
Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your data may be transferred as part of the business transaction.
All third-party partners are contractually bound to handle your data securely and use it only for the intended, agreed-upon purposes.
6. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by law. Specifically:
Your data may be retained for up to 5 years after your relationship with OkadaNaira ends.
This retention supports:
Legal, regulatory, and audit compliance
Fraud detection, dispute resolution, and enforcement of our agreements
Historical analysis or internal reporting (in anonymized form)
After this retention period, or once the data is no longer necessary, we will securely delete, anonymize, or de-identify your personal information in accordance with applicable data protection regulations.
7. Security of Your Information
We take data security seriously and have implemented robust technical, administrative, and physical safeguards to protect your information, including:
End-to-end encryption of sensitive data during transmission and in storage
Access controls and secure authentication mechanisms
Regular security audits, system monitoring, and vulnerability assessments
While we take every reasonable measure to safeguard your data, no system is completely immune to risk. In the event of a security incident, we will respond promptly and, where applicable, notify affected users and authorities.
8. Your Rights and Choices
As a data subject, you have the following rights regarding your personal information:
Access: Request access to the data we hold about you
Correction: Request updates to inaccurate, incomplete, or outdated data
Consent Management: Withdraw previously granted permissions (e.g. camera access)
Deletion: Request deletion of your account and associated personal data (subject to loan clearance)
To exercise any of these rights, please contact us at support@okadanaira.com. We aim to respond within a reasonable timeframe, in accordance with applicable laws.
9. Children’s Privacy
Our services are intended only for individuals aged 18 years and above. We do not knowingly collect personal data from children. If we become aware of any such collection, we will delete the information promptly.
10. Third-Party Links and Services
Our App may contain links to external websites or third-party services. These are provided for your convenience; however, we do not control their content or privacy practices. We encourage you to review the privacy policies of those entities before submitting any personal data.
11. International Data Transfers
Although OkadaNaira operates within Nigeria, certain data may be processed or stored on secure servers located in other jurisdictions by authorized service providers. In such cases, we ensure that:
Appropriate contractual safeguards are in place
Data protection standards equivalent to Nigerian law (e.g., NDPR) are maintained
Cross-border processing complies with applicable legal frameworks
12. Policy Updates
We may revise this Privacy Policy periodically to reflect changes in technology, legal requirements, or business operations. If any material changes occur:
We will notify you through in-app messages, email, or other appropriate channels
Continued use of our App after updates signifies your acceptance of the revised policy
We recommend reviewing this policy regularly for the latest information on our privacy practices.
This Privacy Policy shall be interpreted and enforced in accordance with the laws of the Federal Republic of Nigeria. Any disagreement or claim arising in relation to this Policy will be addressed through the following procedures:
Informal Resolution: In the event of a dispute, both parties agree to engage in good-faith discussions and make reasonable efforts to resolve the issue within thirty (30) days from the date of written notification.
Legal Action: If a mutual resolution cannot be reached, the matter shall be referred to and settled by the courts of competent jurisdiction in Lagos State, Nigeria, in accordance with applicable Nigerian law.
We appreciate your trust in OkadaNaira, and we remain fully committed to protecting your data and handling your information with the highest level of integrity and security.
14. Contact Us
If you have questions, feedback, or wish to exercise your privacy rights, please contact our support team:
Email: support@okadanaira.com
Service Hours: Monday to Friday, 9:00 AM – 6:00 PM
Address: 68 Coker Street, College Road, Ifako Ijaye, Agege, Lagos, Nigeria
We are committed to addressing your concerns in a prompt and respectful manner.