Who We Are

Credit Direct is a CBN duly licensed finance company based in Nigeria that provides swift, easily accessible loan and investment products to customers. We endeavour to meet leading standards for data protection and privacy. While our reasons are founded in ethical and corporate responsibility, our privacy practices as outlined in this Notice facilitate the following:

• Competitive Advantage: Our emphasis on protecting the privacy of prospective customers, customers, vendors, and employees distinguishes us from our competitors.
• Good Corporate Citizenship: A sound privacy notice is emblematic of reliable corporate citizens that respect individuals’ privacy.
• Business Enablement: Since Credit Direct uses significant volumes of personal information, privacy notices become a prerequisite to building enduring business relationships.
• Legal Protection: Appropriate privacy notices offer an opportunity to eliminate allegations of unlawful usage of personal information.

1. Who We Are

Credit Direct is a CBN duly licensed finance company based in Nigeria that provides swift, easily accessible loan and investment products to customers. We endeavour to meet leading standards for data protection and privacy. While our reasons are founded in ethical and corporate responsibility, our privacy practices as outlined in this Notice facilitate the following:

• Competitive Advantage: Our emphasis on protecting the privacy of prospective customers, customers, vendors, and employees distinguishes us from our competitors.
• Good Corporate Citizenship: A sound privacy notice is emblematic of reliable corporate citizens that respect individuals’ privacy.
• Business Enablement: Since Credit Direct uses significant volumes of personal information, privacy notices become a prerequisite to building enduring business relationships.
• Legal Protection: Appropriate privacy notices offer an opportunity to eliminate allegations of unlawful usage of personal information.

‍

2. Purpose & Objectives

This Notice defines requirements to help ensure compliance with laws and regulations applicable to Credit Direct’s collection, storage, use, transmission, disclosure to third parties, and retention of personal information and sensitive personal information. The main objectives of Credit Direct’s Notice are as follows:

• To ensure that all the personal information in Credit Direct’s custody is adequately protected against threats to maintain its security.
• To ensure that Credit Direct employees are fully aware of the contractual, statutory, or regulatory implications of any privacy breaches.
• To limit the use of personal information to identify the business purposes for which it is collected.
• To implement regular privacy training programs for employees, including assessments to measure understanding and compliance.
• To create an awareness of privacy requirements to be an integral part of the day-to-day operation of every employee and ensure that all employees understand the importance of privacy practices and their responsibilities for maintaining privacy.
• To establish a feedback mechanism for continuous improvement of privacy practices based on employee and customer feedback.
• To make all the employees aware of, the processes that need to be followed for collection, lawful usage, disclosure/ transfer, retention, archival, and disposal of personal information.
• To ensure that all third parties collecting, storing, and processing personal information on behalf of Credit Direct provide adequate data protection.
• To ensure that applicable regulations and contracts regarding the maintenance of privacy, protection, and cross-border transfer of personal information are adhered to.

‍

3. Scope

This Notice is applicable to all Credit Direct employees, contractors, vendors, interns, customers, and business partners who may receive personal information from Credit Direct, have access to personal information collected or processed by or on behalf of Credit Direct, or who provide information to Credit Direct.

‍

This Notice includes the scope of data collection for all digital interactions, such as website usage, mobile applications, and third-party data sharing. Specific details on data shared with third parties for business processing, analytics, and marketing purposes are included.

‍

This Notice covers the treatment of personal information gathered and used by Credit Direct for lawful business purposes. This Notice also covers the personal information we share with authorised Third Parties or that Third Parties share with us.

‍

4. Consent To Our Privacy Notice

You accept this Notice and give your consent when you apply for a job posting, access our platforms, or use our services, content, features, technologies, or functions offered on our website, digital platforms or visit our office for official or non-official purposes (collectively the “Credit Direct Business”).

‍

5. What Personal Information Do We Collect About You

The personal information that we will collect from you includes but is not limited to; full name, phone number, gender, identification number, email, date of birth, address, BVN, employment and income details, next of kin details, and bank details.

‍

We may also collect your personal information from other sources, including but not limited to credit bureaus, credit reference agencies, your employers, and your guarantors.

6. How Do We Collect Your Personal Information?

We use different methods to collect personal information from and about you through:

• Direct interactions: You may give us your personal, contact, and financial data by filling or by corresponding with us by post, web application, phone, chat, email, or in person. This includes personal information you provide when you:
  
  • apply for our products or services;
  • fill any of our forms;
  • create an account on any of our product platforms;
  • engage any platform that we operate;
  • call our Sales and Customer Experience team;
  • subscribe to our service or publications;
  • register or attend any of our events or program;
  • engage our social media platforms;
  • send an application for any of our job listings;
  • participate in surveys; or
  • give us some feedback.

• Automated technologies or interactions: We may collect technical data about your equipment, browsing actions, and patterns including the IP address used; login information; browser type and version, operating systems, and platforms when you interact with our website or application. We may also collect information about your visit including the pages you visited; what you searched for; length of visits and methods used to browse away from the page. We collect this personal information by using cookies, server logs, and other similar technologies. We may also receive technical data about you if you visit other websites employing our cookies.
• Third parties or publicly available sources: We may receive personal information about you from various third parties or public sources as set out below:
  
  • credit bureaus, credit reference agencies, your employers, and your guarantors;
  • contact, financial and transaction data from providers of technical, payment, and fund transfer services;
  • personal and contact data from publicly available sources such as social media or any web page;
  • contact data from third parties to which you have given consent to share your data to hear about the products and services of Credit Direct.

Data collection methods are reviewed and updated annually or as needed to ensure compliance with the latest regulatory requirements.

7. Purposes For Which We May Process Your Personal Information (Lawful Basis For Processing Personal Information)

To enable us to fulfill the contract between us for the products or services you have requested, we need to process your personal information for purposes including the following:

• processing applications for products and services, effecting payments, and transactions, updating records, and completing instructions or requests;
• providing products and services;
• assessing suitability for products and services;
• credit assessment, including conducting credit checks and setting credit limits;
• operational purposes;
• analytical purposes;
• establishment, continuation, and management of relationships and accounts;

For some purposes in connection with the service you have requested, we have a legal or regulatory obligation to process your personal information. These purposes include:

• the prevention, detection, investigation, and prosecution of crime in any jurisdiction (including, without limitation, money laundering, terrorism, fraud, and other financial crime);
• identity verification, government sanctions screening, and due diligence checks;
• enforcing obligations, including without limitation the collection of amounts outstanding from you and your provision of security for the facilities;
• to comply with local or foreign law, regulations, directives, judgments or court orders, government sanctions or embargoes, reporting requirements under financial transactions legislation, and demands of any authority, regulator, tribunal, enforcement agency, or exchange body.

We may also process your personal information in line with any voluntary codes; to effect agreements between any member of Credit Direct and any authority, regulator, or enforcement agency; to comply with our internal policies and good practice standards where it is in our legitimate interest to do so.

‍

We may also process your personal information where it is in the legitimate interest of our business. For example, sending promotional or marketing content, or seeking professional advice, including, in connection with any legal proceedings (including any prospective legal proceedings), for obtaining legal advice, or establishing, exercising, or defending legal rights.

‍

We may also process your personal information in certain circumstances when we have identified the interest of the public or in your vital interest.

8. Use Of Cookies

Our website uses cookies. A cookie is a piece of data stored on your computer’s hard drive that identifies your computer while you are using our site.

Cookies have a number of uses, for example, cookies can be used for analytics purposes to estimate the number of users on our website. They may also be used for other purposes, such as to maintain the security of the site and provide information on what we need to do to provide administration support to the website and for digital marketing purposes.

You can change your cookie preferences at any time by clicking on the ‘Cookie Settings’ icon. You can then adjust the available sliders to ‘Disable’ or ‘Enable’, then click ‘Save & Accept’. You may need to refresh your page for your settings to take effect.

Alternatively, most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit:

• www.aboutcookies.org
• www.allaboutcookies.org.

Find out how to manage cookies on popular browsers:

• Google Chrome
• Microsoft Edge
• Mozilla Firefox
• Microsoft Internet Explorer
• Opera
• Apple Safari

To find information relating to other browsers, visit the browser developer’s website.

If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.

‍

9. Visitors To Our Premises

We collect personal information about visitors to our premises. This may include your full name, the name of any company you represent, telephone number, and other relevant data, for example, recording from our CCTV systems.

We process your personal information, where it is in our legitimate interests, for the purposes of:

• visitor, contractor, and employee health and safety;
• security of visitors, contractors, employees, and physical premises and assets;
• prevention, detection, investigation, and prosecution of crime;
• compliance with our internal policy requirements.

We may also process your personal information to comply with our legal and/or regulatory obligations including financial crime and any external or internal investigations.

When your personal information is provided for the above purposes, we will only use your personal information when necessary for those purposes.

Any member of Credit Direct, including our officers, employees, agents, and advisers, may disclose your personal information to any of the following parties for any of the purposes specified above:

• Any member of Credit Direct, including our officers, employees, agents or director, and advisers
• Professional advisers (including insurers and legal advisers), third-party service providers, agents, or independent contractors providing services to support Credit Direct’s business;
• Any person to whom disclosure is allowed or required by local or foreign law, regulation, or any other applicable instrument;
• Any court, tribunal, regulator, enforcement agency, or any other authority (including any authority investigating an offense) or their agents;
• Anyone we consider necessary in order to provide services to Credit Direct located in any jurisdiction.

‍

10. Disclosure Of Personal Information

We may disclose your personal information to any member of Credit Direct, including our officers, employees, agents, and advisers, and may disclose your personal information to any of the following parties for any of the purposes specified below:

• professional advisers (including auditors), third-party service providers, agents, or independent contractors providing services to support Credit Direct’s business;
• in some circumstances, our business alliance partners may provide their product or service to you;
• upon your death or mental incapacity, your legal representative and their legal advisers, and a member of your immediate family for the purpose of allowing him/her to make payment on your account;
• any service provider or any person authorised to operate your account and to act on your behalf in giving instructions, performing any other acts under our banking agreement, or using any product;
• any person to whom disclosure is allowed or required by local or foreign law, regulation or any other applicable instrument;
• any court, tribunal, regulator, enforcement agency, exchange body, tax authority, or any other authority (including any authority investigating an offense) or their agents located in any jurisdiction;
• any debt collection agency, credit bureau or credit reference agency, rating agency correspondents, insurer or insurance/Takaful broker, direct or indirect provider of credit protection and fraud prevention agencies;
• any financial institution to conduct credit checks, anti-money laundering related checks, for fraud prevention and detection of crime purposes;
• anyone we consider necessary to facilitate requests for services or applications for products with Credit Direct;
• anyone we consider necessary in order to provide services in connection with a product;

‍

11. Security Of Personal Information

Personal information may be transferred to, or stored at, a location outside of Nigeria. The security of your personal information is important to us. Credit Direct has technical and organisational security measures in place to safeguard your personal information.

• Specific measures include data encryption, secure access controls, regular security audits, and employee training on data protection practices.
• Security measures are reviewed and updated bi-annually to address new threats and vulnerabilities.

‍

When using external service providers, we require that they adhere to security standards mandated by Credit Direct. We may do this through contractual provisions, including any required by a privacy regulator, and oversight of the service provider. Regardless of where personal information is transferred, we take all steps reasonably necessary to ensure that personal information is kept securely.

‍

You should be aware that the Internet is not a secure form of communication and sending us any personal information over the Internet carries with it risks including the risk of access and interference by unauthorised third parties. Information passing over the Internet may be transmitted internationally (even when sender and recipient are located in the same country) via countries with weaker privacy and data protection laws than in your country of residence depending on the integrity of your systems, Credit Direct shall not be responsible for any breach during transmission.

‍

12. Retention Of Personal Information

We retain your personal information for the period necessary to fulfill the purposes outlined in this Notice and in line with our legal and regulatory obligations..

13. Other Terms And Conditions

There may be specific terms and conditions in our service and product agreements that govern the collection, use, and disclosure of your personal information. Such other terms and conditions must be read in conjunction with this Privacy Notice.

‍

14. Automated Decisions And Profiling

We may use profiling, including behavioural analysis, to assist us to provide you with better services, making decisions, and preventing money laundering, terrorism, fraud, and other financial crime. Credit Direct would ensure that a Data Protection Impact Assessment is conducted before carrying out such processing activity.

• The logic behind automated decisions includes analysis of transaction patterns, credit scoring algorithms, and fraud detection systems.

• Safeguards include regular reviews of automated decision-making processes and the ability for individuals to contest decisions and request human intervention.

‍

15. Marketing

We may use your personal information:

• to conduct market research and surveys with the aim of improving our products and services;
• for marketing purposes, promotional events, competitions, and lucky draws.

• User consent for marketing is obtained through explicit opt-in mechanisms during the initial interaction.
• Users can opt-out of receiving marketing communications at any time by using the unsubscribe link in emails or contacting our customer service.

We process your personal information for these purposes because it is in the interest of our business to do so with the intention of improving our products and services and generating business. We will not send you marketing material if you have specifically asked us not to do so. You have the right to opt-out of receiving marketing material at any time. If you ask us not to send you marketing material or other promotional or research material, we may need to retain a record that you have asked us not to do so to ensure that you do not receive anything further.

‍

16. Monitoring

To the extent permitted by law, we may record and monitor your electronic communications with us to ensure compliance with our legal and regulatory obligations and internal policies for the purposes outlined above.

‍

17. Sponsorship And Donations

When deciding whether to enter into a sponsorship agreement or make a donation, we may process personal information on the person or those connected with the person who may be sponsored or to whom a donation may be made in line with our legal and/or regulatory obligations including:

• the prevention, detection, investigation, and prosecution of crime in any jurisdiction (including, without limitation, money laundering, terrorism, fraud, and other financial crime);
• government sanctions screening;
• to comply with local or foreign law, regulations, directives, judgments or court orders, government sanctions or embargoes, reporting requirements under financial transactions legislation, and demands of any authority, regulator, tribunal, enforcement agency, or exchange body.

We may also process your personal information where it is in our legitimate interests, to seek professional advice, including, in connection with any legal proceedings (including any prospective legal proceedings), for obtaining legal advice, or for establishing, exercising, or defending legal rights.

‍

18. Your Personal Information Rights

Subject to applicable law, regulations, and/or industry guidelines, you may have the following rights in addition to those conferred by law and regulation:

• Right of withdrawal of Consent – to withdraw your consent for the processing of your personal information if we are relying on consent and have no other legal grounds for processing your personal information.
• Right of Access – to request a copy of the personal information processed in relation to you. Credit Direct may be allowed by law to charge a fee for this.
• Right of Correction – to request that we correct your personal information. You have a right to request an update to any of your personal information that is out of date or incorrect.
• Right to Object – To object to how we process your personal information. This does not mean you can decide or choose how we process your personal information other than in relation to marketing. If you have any concerns about how we process your personal information, please send your request to our Data Protection Officer. We may not be able to offer you services if you do not want us to process the personal information, we consider it necessary in order to provide the services.
• Right to Restriction of processing – To restrict how your personal information is processed in certain cases, such as when the accuracy of your personal information is contested.
• Right to Portability – To request a copy of the personal information you have given to us in a machine-readable format. However, it is expected that you shall have taken all steps to ensure the security and safety of the medium of receiving the data and Credit Direct shall not be liable for any disclosure of your personal information provided that same was not as a result of the negligence or willful misconduct of Credit Direct.

Right to Erasure – To ask us to delete your personal information, for example, if we no longer have a valid reason to process it. This may be subject to extant relevant legislation requiring the retention of personal information of specific data subjects.

19. Complaints

If you have a complaint in relation to the processing of your personal information and you are not happy with the way we deal with it, please discuss this at our office or with your Relationship Manager, or contact the Data Protection Officer (DPO).

You also have the right to complain to the data protection authority currently the Nigeria Data Protection Commission (NDPC).

‍

20. Remedies And Contacting Us

In the event of a breach of personal information, Credit Direct shall within 72 (seventy-two) hours of having knowledge of such breach report the details of the breach to NDPC. Furthermore, where we ascertain that such a breach is detrimental to your rights and freedom in relation to your personal information, we shall take reasonable steps to inform you of the breach incident.

Where you have concerns relating to the processing of your personal information by Credit Direct Finance Company Limited or require any clarification on this policy, please notify us through or contact details provided below:

cdldataprotection@fcmb.com

Credit Direct Finance Company Limited
48/50 Isaac John Street, GRA,
Ikeja, Lagos, Nigeria

We will respond to your concerns within One month of receiving your notice.

‍

21. Changes To This Privacy Policy

This Privacy Policy may be updated from time to time and you are advised to visit this site regularly to check for any amendments.

‍

22. Applying To Work For Credit Direct Finance Company Limited

Please see our separate Privacy Notice for Job Applicants & Employees

‍

23. Linked Websites

Our Privacy Notice does not apply to third-party websites where our online advertisements are displayed or to linked third-party websites which we do not operate or control.

‍