The short version: We collect the data we need to run a payments product. We never sell your data. Your biometrics never leave your device. You can request, correct, or delete your data at any time. We comply with CBN, 9PSB, and all major privacy regulations. Read on for the full picture.
This Privacy Policy is issued by Pressend Solutions Inc., a Nigerian corporation ("Pressend", "we", "our", "us"). We operate the Pressend payment platform, mobile applications, merchant services, and all associated digital products.
This Policy explains how we collect, use, store, share, and protect personal data when you use our Services. It applies to all users — consumers, merchants, beneficiaries, and job applicants — globally. Where region-specific laws (CBN, NDPR) impose additional obligations, we describe those in dedicated sections.
Our Data Protection Officer (DPO) can be reached at dpo@pressend.xyz. Our national representative address is Pressend Solution., Flat 1, Udeh Philip, Along Tina Nweze Street, Abakaliki
We collect only the data necessary to operate a secure payment service. Here is a full account of the categories we collect and why.
| Data Category | Examples | Why Collected |
|---|---|---|
| Identity Data | Full name, date of birth, national ID number | KYC / legal compliance |
| Contact Data | Email address, phone number, home address | Account management, comms |
| Financial Data | Bank account details, card numbers (tokenised), transaction history | Payment processing |
| Authentication Data | Hashed PINs, session tokens (never plaintext passwords) | Account security |
| Profile Data | Display name, profile photo, preferences | Personalisation |
| Communication Data | Support messages, dispute descriptions, feedback | Customer support |
| Data Category | Examples | Why Collected |
|---|---|---|
| Device Data | Device model, OS version, unique device ID, hardware identifiers | Security, fraud detection |
| Usage Data | Feature interactions, screens visited, tap patterns | Product improvement |
| Location Data | GPS (when Panic Mode enabled or WalkOut active), approximate region otherwise | Safety, store matching |
| Network Data | IP address, connection type, carrier information | Fraud detection, security |
| Transaction Metadata | Timestamps, terminal IDs, NFC session tokens, transfer reference numbers | Processing, dispute resolution |
We do not collect raw biometric data from our servers (see Section 3). We do not collect your social media profiles unless you connect them. We do not purchase third-party data about you. We do not track your behaviour on other apps or websites via advertising SDKs.
Pressend handles Biometric Data with exceptional care. This section explains exactly how Face Pay, Palm Pay, and fingerprint data are handled. These practices comply with the Illinois Biometric Information Privacy Act (BIPA), GDPR Article 9, and all applicable biometric data regulations.
We use the data we collect for the following specific purposes. We do not use your data for purposes beyond those listed without obtaining fresh consent or establishing a new legal basis.
| Purpose | Data Used | Legal Basis |
|---|---|---|
| Processing payments and transfers | Financial, identity, device data | Contract performance |
| Identity verification (KYC) | Identity, contact data | Legal obligation |
| Fraud detection and prevention | Transaction, network, device data | Legitimate interests |
| Panic Mode alerts and GPS sharing | Location, contact list | Vital interests / consent |
| WalkOut basket tracking | In-store video (anonymised), item data | Contract performance |
| Posthumous fund disbursement | Beneficiary data, account balance | Consent / contract |
| Customer support | Communication, transaction history | Contract performance |
| Product improvement | Usage data (aggregated, anonymised) | Legitimate interests |
| Legal and regulatory compliance | Identity, financial data | Legal obligation |
| Marketing communications | Contact, preference data | Consent (opt-in only) |
Pressend does not sell personal data to advertisers, data brokers, or any third party. We do not use your payment behaviour to build advertising profiles. Our business model is built on service fees — not your data.
Under 9PSB and equivalent frameworks, we process personal data only where we have a valid legal basis. The bases we rely upon are:
We do not sell your data. We share it only with the following categories of recipients, and only to the extent necessary:
We will never share your data with advertisers, data brokers, or third-party marketers. We will never disclose data to governments without a valid legal instrument except to prevent imminent risk to life. We will always notify you of disclosures where legally permitted to do so.
Pressend operates nationwide. Your personal data may be transferred to and processed in states outside your home jurisdiction, including the United States, the United Kingdom, the European Union, and Singapore. We ensure such transfers comply with applicable law through the following mechanisms:
We retain your data only for as long as necessary for the purpose it was collected, or as required by law. Below are our standard retention periods:
Upon account deletion, we anonymise or delete personal data within 30 days, except where retention is required by law or is necessary for pending dispute resolution.
We apply financial-grade security practices to protect your data. Our measures include:
In the event of a personal data breach affecting your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach, as required by GDPR Article 33.
Pressend is not directed to or intended for use by anyone under the age of 18. We do not knowingly collect personal data from children. If you believe a child under 18 has created a Pressend account, please contact us immediately at legal@Pressend.xyz and we will investigate and delete the account promptly.
You have the following rights over your personal data. Most can be exercised directly from the Pressend app under Settings → Privacy. For requests not supported in-app, contact our DPO at dpo@Pressend.xyz. We will respond within 30 days (GDPR) or 45 days (CCPA).
We review this Privacy Policy at least annually and whenever there are material changes to our data practices, applicable law, or our products. When we make material changes, we will notify you by email and in-app at least 30 days before changes take effect. For significant changes to how we handle Biometric Data, we will request fresh explicit consent.
The date at the top of this page reflects when the policy was last updated. Previous versions are available on request from dpo@Pressend.xyz.
For any privacy question, data rights request, or concern about how we handle your personal data, contact our Data Protection Officer:
| DPO Email | dpo@Pressend.xyz |
| Privacy Email | privacy@Pressend.xyz |
| Postal Address | Data Protection Officer, Pressend Solutions., Flat 1, Udeh Philip - Tina Nweze street, Abakaliki |
| Bug/Security Reports | security@Pressend.xyz |
Our DPO responds to all enquiries personally within 2 business days. No bots, no form letters.