Legal Information

Welcome to our Legal Information page. Here you will find important details regarding our Privacy
Policy, Terms of Service, and Cookies. Please take the time to read through these sections to
understand your rights and obligations when using BaseWallet.

1. Introduction

V1.0

Jun 24, 2024

Welcome to BaseWallet, an innovative fintech platform operated by Apex Web Network Limited ("we," "us," "our," or "BaseWallet"), a company duly registered in Nigeria. Our mission is to empower Africans and international users with financial freedom by providing a comprehensive suite of digital financial services.

This Privacy Policy is designed in compliance with the Nigeria Data Protection Act (NDPA) and other relevant international data protection laws. It explains how we collect, use, disclose, and protect your personal information when you use our mobile application, website, and related services (collectively referred to as the "Service").

At BaseWallet, we are deeply committed to safeguarding your privacy and ensuring the security of your personal information. We recognize the trust you place in us when you provide your data, and we take this responsibility seriously. This Privacy Policy is crafted to be transparent about our data practices and to empower you with knowledge about how your information is handled.

By accessing or using BaseWallet, you acknowledge that you have read, understood, and agree to be bound by the terms of this Privacy Policy. If you do not agree with any part of this policy, we kindly ask that you refrain from using our Service.

2. Data Controller and Data Protection Officer

Apex Web Network Limited acts as the Data Controller for personal information processed through BaseWallet. Our Data Protection Officer can be contacted at:

Chief Data Protection Officer Basewallet Limited Lagos, Nigeria Email: [email protected]

3. Information We Collect

To provide you with our comprehensive financial services, including multicurrency accounts, remittance services, and lifestyle products, we need to collect various types of information. This section outlines the categories of data we collect and how we obtain this information.

3.1 Personal Information

Personal information refers to any data that can be used to identify you as an individual. We collect the following types of personal information:

(a) Identity Information

Such as the full legal name, Date of birth, Nationality, Gender, Photograph (for identity verification purposes) and Signature

Full legal name
Date of birth
Nationality
Gender
Photograph (for identity verification purposes)
Signature

(b) Contact Information

Such as Email address, Phone number, Residential address and Mailing address (if different from residential address).

Full legal name
Date of birth
Nationality
Gender
Photograph (for identity verification purposes)
Signature

(c) Government-Issued Identification

Such as National ID number, Bank verification number (BVN), Passport number, Driver’s license number and Tax identification number.

(NOTE: The specific type of government ID required may vary depending on your country of residence and the services you use).

Bank Verification Number (BVN)
Passport number
Driver's license number
Tax identification number
National ID number

(NOTE: The specific type of government ID required may vary depending on your country of residence and the services you use).

(d) Financial Information

Such as Bank account details (account number, bank name, branch code), Credit/debit card information (card number, expiration date, CVV), Transaction history within BaseWallet and Source of funds information.

Bank account details (account number, bank name, branch code)
Credit/debit card information (card number, expiration date, CVV)
Source of funds information
Transaction history within BaseWallet

(e) Employment Information

Such as Occupation, Employer name, Employer address and Employment status

Occupation
Employer name
Employer address
Employment status

(f) Profile Information

Such as Username, Password (encrypted), Security questions and answers and Personal preferences and settings within the app

Username
Password (encrypted)
Security questions and answers
Personal preferences and settings within the app

3.2 Non-Personal Information

We also collect non-personal information that does not directly identify you but helps us improve our services and user experience. This includes:

(a) Device Information

Such as Device type (e.g., smartphone, tablet, desktop), Operating system and version, Browser type and version, Mobile device identifiers and IP address.

Device type (e.g., smartphone, tablet, desktop)
Operating system and version
Browser type and version
IP address

(b) Usage Data

Such as Features and pages accessed within the app, Time spent on various sections of the app, Frequency of app usage, Interaction with app elements (e.g., buttons clicked, forms submitted), Error logs and crash reports.

Features and pages accessed within the app
Time spent on various sections of the app
Frequency of app usage
Interaction with app elements (e.g., buttons clicked, forms submitted)
Error logs and crash reports

(c) Location Data

Such as GPS location (with your explicit consent), IP-based location, WiFi access points, and cell tower IDs.

GPS location (with your explicit consent)
IP-based location
WiFi access points
Cell tower IDs

(d) Aggregated User Statistics

Such as Demographic information (age range, gender distribution), Geographic distribution of users, and Popular features and services.

Demographic information (age range, gender distribution)
Geographic distribution of users
Popular features and services

(e) Cookies and Similar Technologies

Such as Session cookies, Persistent cookies, Web beacons, and Pixel tags.

Session cookies
Persistent cookies
Web beacons
Pixel tags

(f) Profile Information

Such as Username, Password (encrypted), Security questions and answers and Personal preferences and settings within the app

Username
Password (encrypted)
Security questions and answers
Personal preferences and settings within the app

4. How We Collect Your Information

We gather your personal and non-personal information through various channels:

(a) Direct Collection

Such as Information you provide when creating an account, Data you input when using our services (e.g., initiating transfers, exchanging currencies), Information shared during customer support interactions, and Surveys or feedback forms you complete.

Information you provide when creating an account
Data you input when using our services (e.g., initiating transfers, exchanging currencies)
Information shared during customer support interactions
Surveys or feedback forms you complete

(b) Automated Collection

Such as through cookies and similar technologies when you use our website or mobile app, via server logs and analytics tools, and through your device when you use our mobile app.

Through cookies and similar technologies when you use our website or mobile app
Via server logs and analytics tools
Through your device when you use our mobile app

(c) Third-Party Sources

Such as Identity verification services, Credit reference agencies, Public databases, and Social media platforms (if you choose to link your account).

Identity verification services
Credit reference agencies
Public databases
Social media platforms (if you choose to link your account)

5. Lawful Basis for Processing

Under the NDPA, we process your personal data based on the following lawful grounds:

(a) Consent

Where you have given clear consent for us to process your personal data for a specific purpose.

Where you have given clear consent for us to process your personal data for a specific purpose.

(b) Contract

The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

The processing is necessary for a contract we have with you.
Because you have asked us to take specific steps before entering into a contract.

(c) Legal Obligation

The processing is necessary for us to comply with Nigerian law or international laws applicable to our operations.

The processing is necessary for us to comply with Nigerian law.
Or international laws applicable to our operations.

(d) Legitimate Interests

The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.

The processing is necessary for our legitimate interests.
Or the legitimate interests of a third party.
Unless there is a good reason to protect your personal data which overrides those legitimate interests.

6. How We Use Your Information

BaseWallet uses the collected information for various purposes aimed at providing, improving, and securing our services. These purposes include:

(a) Service Provision and Account Management

Such as Facilitating the creation and management of your BaseWallet account, Processing transactions, including currency exchanges and remittances, Managing multicurrency accounts and balances, and Providing customer support and responding to your inquiries.

Facilitating the creation and management of your BaseWallet account
Processing transactions, including currency exchanges and remittances
Managing multicurrency accounts and balances
Providing customer support and responding to your inquiries

(b) Enhanced Functionality and User Experience

Such as Personalizing your experience within the app, Offering tailored financial advice and product recommendations, Implementing and improving our financial management tools, and Facilitating the subscription model for added benefits (e.g., health and travel insurance).

Personalizing your experience within the app
Offering tailored financial advice and product recommendations
Implementing and improving our financial management tools
Facilitating the subscription model for added benefits (e.g., health and travel insurance)

(c) Communication

Such as Sending transactional notifications (e.g., transfer confirmations, balance updates), Providing important account-related information, Delivering marketing communications about our products and services (with your consent), and Conducting surveys and collecting feedback to improve our services.

Sending transactional notifications (e.g., transfer confirmations, balance updates)
Providing important account-related information
Delivering marketing communications about our products and services (with your consent)
Conducting surveys and collecting feedback to improve our services

(d) Security and Fraud Prevention

Such as Verifying your identity and conducting Know Your Customer (KYC) checks, Detecting and preventing fraudulent activities, unauthorized access, and other illicit uses of our platform, and Enhancing the security of our services and protecting your account.

Verifying your identity and conducting Know Your Customer (KYC) checks
Detecting and preventing fraudulent activities, unauthorized access, and other illicit uses of our platform
Enhancing the security of our services and protecting your account

(e) Legal and Regulatory Compliance

Verifying your identity and conducting Know Your Customer (KYC) checks
Detecting and preventing fraudulent activities, unauthorized access, and other illicit uses of our platform
Enhancing the security of our services and protecting your account

(f) Business Operations and Improvement

Such as Analyzing usage patterns to improve our products and services, Conducting research and development for new features, Generating aggregated, anonymized data for business intelligence and market analysis, and Maintaining and enhancing the technical functionality of our platform.

Analyzing usage patterns to improve our products and services
Conducting research and development for new features
Generating aggregated, anonymized data for business intelligence and market analysis
Maintaining and enhancing the technical functionality of our platform

7. Data Sharing and Disclosure

To provide our comprehensive financial services and comply with legal obligations, we may share your information with certain third parties. We are committed to sharing your data only when necessary and with entities that maintain appropriate security standards. Here's a detailed overview of how we may share your information:

(a) Service Providers and Business Partners

Such as Payment processors to facilitate transactions, Banking partners for account linking and fund transfers, Identity verification services for KYC compliance, Cloud storage providers for secure data storage, Analytics providers to help us understand app usage and improve our services, Customer support tools to assist with inquiries, and Insurance providers for subscription-based insurance services.

Payment processors to facilitate transactions
Banking partners for account linking and fund transfers
Identity verification services for KYC compliance
Cloud storage providers for secure data storage
Analytics providers to help us understand app usage and improve our services
Customer support tools to assist with inquiries
Insurance providers for subscription-based insurance services

(b) Financial Institutions and Networks

Such as Banks and other financial institutions to process transactions, International remittance networks to facilitate cross-border transfers, and Currency exchange platforms for real-time currency conversion.

Banks and other financial institutions to process transactions
International remittance networks to facilitate cross-border transfers
Currency exchange platforms for real-time currency conversion

(c) Regulatory Authorities and Law Enforcement

Such as Financial regulatory bodies as required by law, Law enforcement agencies in response to valid legal requests, and Government bodies for tax reporting and other legal compliance matters.

Financial regulatory bodies as required by law
Law enforcement agencies in response to valid legal requests
Government bodies for tax reporting and other legal compliance matters

(d) Other BaseWallet Users

Limited information (such as name and transaction details) may be shared with other users when necessary to complete peer-to-peer transfers or other user-initiated transactions.

Limited information such as name and transaction details

(e) Corporate Transactions

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred to the acquiring entity.

Your information may be transferred to the acquiring entity

(f) With Your Consent

We may share your information with other third parties when you have given us your explicit consent to do so. We do not sell your personal information to third parties for their marketing purposes or other commercial use.

When sharing data with third parties, we take steps to ensure that these entities maintain appropriate security measures to protect your information. We enter into data processing agreements that restrict how these parties can use your data and require them to implement adequate security controls.

8. Data Security

Protecting your personal and financial information is of utmost importance to us. In accordance with the NDPA, we implement a multi-layered approach to data security that includes:

(a) Encryption

All sensitive data is encrypted in transit using TLS/SSL protocols and Data at rest is encrypted using industry-standard encryption algorithms.

All sensitive data is encrypted in transit using TLS/SSL protocols.
Data at rest is encrypted using industry-standard encryption algorithms.

(b) Access Controls

Such as Strict access controls and authentication mechanisms for our systems, Regular audits of access privileges and Multi-factor authentication for critical operations.

Strict access controls and authentication mechanisms for our systems.
Regular audits of access privileges.
Multi-factor authentication for critical operations.

(c) Network Security

Such as Firewalls and intrusion detection systems to monitor and protect our networks and Regular vulnerability scans and penetration testing.

Firewalls and intrusion detection systems to monitor and protect our networks.
Regular vulnerability scans and penetration testing.

(d) Physical Security

Secure data centers with 24/7 monitoring, biometric access controls, and surveillance.

Secure data centers with 24/7 monitoring.
Biometric access controls and surveillance.

(e) Employee Training

Comprehensive security awareness training for all employees and Background checks for employees with access to sensitive data.

Comprehensive security awareness training for all employees.
Background checks for employees with access to sensitive data.

(f) Incident Response

A dedicated team for monitoring and responding to security incidents and Regular testing of our incident response plans.

A dedicated team for monitoring and responding to security incidents.
Regular testing of our incident response plans.

(g) Compliance

Adherence to international security standards and best practices and Regular third-party security audits.

While we implement these security measures, it's important to note that no method of electronic storage or transmission over the internet is 100% secure. We strive to protect your personal information but cannot guarantee its absolute security.

9. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. The specific retention periods for different types of data are determined based on:

(a) Legal and Regulatory Requirements

Such as Anti-money laundering regulations, Tax laws, and Financial record-keeping requirements.

Anti-money laundering regulations
Tax laws
Financial record-keeping requirements

(b) Operational Needs

Such as Ongoing account management, Fraud prevention and security, and Customer support and dispute resolution.

Ongoing account management
Fraud prevention and security
Customer support and dispute resolution

(c) Contractual Obligations

Duration of your agreement with BaseWallet and Post-termination periods as specified in our terms of service

When your data is no longer needed for these purposes, we will securely delete or anonymize it. If it is not possible to delete or anonymize your data (for example, because it has been stored in backup archives), we will securely store your data and isolate it from any further processing until deletion is possible.

10. Your Rights and Choices

Under the NDPA and other applicable international laws, you have the following rights:

(a) Right to Access

You can request a copy of the personal information we hold about you.

You can request a copy of the personal information we hold about you.

(b) Right to Rectification

You can ask us to correct or update any inaccurate or incomplete personal information.

You can ask us to correct or update any inaccurate or incomplete personal information.

(c) Right to Erasure (Right to be Forgotten)

In certain circumstances, you can request that we delete your personal information.

In certain circumstances, you can request that we delete your personal information.

(d) Right to Restrict Processing

You can ask us to temporarily or permanently stop processing your personal information.

You can ask us to temporarily or permanently stop processing your personal information.

(e) Right to Data Portability

You can request a copy of your personal information in a structured, commonly used, and machine-readable format.

You can request a copy of your personal information in a structured, commonly used, and machine-readable format.

(f) Right to Object

You can object to our processing of your personal information for certain purposes, such as direct marketing.

You can object to our processing of your personal information for certain purposes, such as direct marketing.

(g) Right to Withdraw Consent

Where we rely on your consent to process your data, you can withdraw this consent at any time.

Where we rely on your consent to process your data, you can withdraw this consent at any time.

(h) Right to Lodge a Complaint

You have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC) if you believe we have not handled your personal information in accordance with applicable laws.

To exercise these rights or to make any requests regarding your personal information, please contact our Data Protection Officer using the information provided in Section 2. We will respond to your request within the timeframe specified by the NDPA.

Please note that some of these rights may be limited where we have compelling legitimate grounds or legal obligations to continue processing your personal information.

11. International Data Transfers

BaseWallet operates across multiple countries, primarily serving the Nigerian and African markets but also facilitating international transactions. As a result, your personal information may be transferred to, stored, and processed in countries outside Nigeria. These countries may have data protection laws that are different from those in Nigeria.

When we transfer your personal information internationally, we take steps to ensure that appropriate safeguards are in place to protect your data and to comply with the NDPA and other applicable data protection laws. These safeguards may include:

(a) Adequacy Decisions:

Where applicable, we rely on adequacy decisions about certain countries for data transfers.

(b) Standard Contractual Clauses:

We use standard contractual clauses approved by the Nigeria Data Protection Commission in our agreements with service providers and partners

(c) Consent:

In some cases, we may obtain your explicit consent for international transfers.

(d) Necessity:

We may transfer data internationally when it's necessary for the performance of a contract with you or for your benefit.

For international transfers, we ensure compliance with the NDPA's requirements for cross-border data transfers, including obtaining authorization from the Nigeria Data Protection Commission where necessary.

By using BaseWallet, you acknowledge and consent to these international transfers of your personal information. If you have questions about our international data transfers, please contact our Data Protection Officer.

12. Children's Privacy

BaseWallet is designed for adults and is not intended for use by children under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected personal information from a child under 18, we will take steps to delete this information as soon as possible.

If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately using the information in Section 2. We will work with you to address the situation and remove any information we may have collected from a child under 18.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, and other factors. When we do, we will update the "Last Updated" date at the top of this Privacy Policy. For significant changes, we will provide a more prominent notice, which may include:

In-app notifications
Email notifications to the address associated with your account
A banner or pop-up notice on our website

We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your personal information. Your continued use of BaseWallet after any changes to this Privacy Policy constitutes your acceptance of the revised policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, we encourage you to contact our Data Protection Officer. Our dedicated privacy team is here to assist you and address any issues you may have. You can reach us through the following channels:

Chief Data Protection Officer Apex Web Network Limited Lagos, Nigeria Email: [email protected] Phone:

For urgent matters related to your account security, please contact our customer support team directly through the BaseWallet app or website.

We aim to respond to all inquiries within [X] business days. For complex issues, we may require additional time to investigate and respond fully.

15. Governing Law and Dispute Resolution

This Privacy Policy shall be governed by and construed in accordance with the laws of the Federal Republic of Nigeria, including the Nigeria Data Protection Act. Any disputes arising under or in connection with this Privacy Policy shall be subject to the exclusive jurisdiction of the Nigerian courts.

We are committed to resolving any complaints or concerns you may have about our use of your personal information. If you feel that we have not addressed your concerns adequately, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC).

16. Consent

By using BaseWallet, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein. If you do not agree with this policy, please do not use our Service.

Your trust is important to us, and we are committed to protecting your privacy and personal information. We strive to be transparent about our data practices and to provide you with meaningful control over your information.