Privacy Policy
Your privacy matters. This policy explains how we collect, use, and protect your personal data in compliance with the Nigeria Data Protection Regulation (NDPR).
Last Updated: June 11, 2026
Contents
1. Introduction
MintrixTrade Limited ("MintrixTrade," "we," "us," or "our") is committed to protecting the privacy and personal data of our users. This Privacy Policy explains how we collect, use, disclose, transfer, and store your information when you use our website, mobile application, and services (collectively, the "Platform").
This policy is designed to comply with the Nigeria Data Protection Regulation (NDPR) 2022 and other applicable Nigerian laws and regulations governing data protection and privacy.
π Key Definitions
2. Scope of This Policy
This Privacy Policy applies to:
- All visitors to our website and users of our mobile application
- Registered users who create accounts on our Platform
- Individuals who contact us for support or inquiries
- Any individual whose personal data we collect and process in the course of our business operations
β οΈ Important Notice
By using our Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal data as described herein.
3. Data We Collect
We collect personal data that you provide directly to us and data that is automatically collected when you use our Platform.
3.1 Data You Provide Directly
π€ Account Information
- β’ Full legal name
- β’ Email address
- β’ Phone number
- β’ Username and password (encrypted)
- β’ Date of birth
- β’ Residential address
π Verification Documents
- β’ Government-issued ID (Passport, Driver's License, National ID, PVC)
- β’ Selfie with identification document
- β’ Proof of address (utility bills, bank statements)
- β’ Bank account details
- β’ Source of funds documentation
π° Transaction Data
- β’ Transaction history
- β’ Cryptocurrency wallet addresses
- β’ Bank transfer details
- β’ Gift card codes and values
- β’ IP addresses during transactions
π Communication Data
- β’ In-app messages
- β’ Support tickets
- β’ Email correspondence
- β’ WhatsApp communications
- β’ Feedback and survey responses
3.2 Automatically Collected Data
Technical Data
- β’ IP address
- β’ Device type and model
- β’ Operating system
- β’ Browser type and version
- β’ Screen resolution
- β’ Device identifiers
Usage Data
- β’ Pages visited
- β’ Time spent on pages
- β’ Click patterns
- β’ Navigation paths
- β’ Referral sources
- β’ Date and time of access
3.3 Special Categories of Data
We do not intentionally collect special categories of personal data as defined by the NDPR, including:
- β’ Racial or ethnic origin
- β’ Political opinions
- β’ Religious or philosophical beliefs
- β’ Trade union membership
- β’ Genetic or biometric data
- β’ Health data
- β’ Sex life or sexual orientation
4. Legal Basis for Processing
Under the NDPR, we must have a valid legal basis for processing your personal data. We rely on the following legal bases:
β Contractual Necessity
Processing is necessary for the performance of our contract with you. This includes:
- β’ Creating and maintaining your account
- β’ Processing transactions
- β’ Providing customer support
- β’ Fulfilling our obligations under our Terms of Service
β Legal Obligation
Processing is necessary to comply with Nigerian laws and regulations, including:
- β’ KYC/AML requirements under Money Laundering (Prohibition) Act 2011
- β’ Reporting obligations to NFIU, EFCC, and other regulators
- β’ Tax compliance requirements
- β’ Responding to court orders and lawful requests
β Legitimate Interests
Processing is necessary for our legitimate interests, provided they do not override your rights. This includes:
- β’ Preventing fraud and enhancing security
- β’ Improving our services and user experience
- β’ Marketing our services (where permitted)
- β’ Operating and maintaining our Platform
β Consent
For processing activities that are not covered by the above bases, we will obtain your explicit consent. You have the right to withdraw consent at any time.
5. How We Use Your Data
We use your personal data for the following purposes:
π― Service Provision
- β’ Create and manage your user account
- β’ Process cryptocurrency transactions
- β’ Facilitate gift card exchanges
- β’ Process deposits and withdrawals
- β’ Provide customer support services
π‘οΈ Security & Compliance
- β’ Verify your identity (KYC)
- β’ Prevent fraud and money laundering
- β’ Monitor transactions for suspicious activity
- β’ Comply with legal and regulatory requirements
- β’ Protect the security of your account
π Improvement & Analytics
- β’ Understand how users interact with our Platform
- β’ Improve user experience and interface design
- β’ Analyze platform performance
- β’ Identify and fix technical issues
- β’ Develop new features and services
π± Communication
- β’ Send important service notifications
- β’ Respond to your inquiries and support requests
- β’ Send transaction confirmations
- β’ Provide updates about our services
- β’ Marketing communications (where consented)
7. Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction.
7.1 Technical Security Measures
π Encryption
- β’ AES-256 encryption for data at rest
- β’ TLS 1.3 encryption for data in transit
- β’ Encrypted password storage (bcrypt)
- β’ Secure key management
π‘οΈ Access Control
- β’ Role-based access controls (RBAC)
- β’ Multi-factor authentication (MFA)
- β’ Principle of least privilege
- β’ Regular access reviews
π Monitoring
- β’ Continuous security monitoring
- β’ Intrusion detection systems
- β’ Audit logging of all access
- β’ Anomaly detection
π Infrastructure
- β’ Secure cloud infrastructure
- β’ Web Application Firewall (WAF)
- β’ DDoS protection
- β’ Regular vulnerability scanning
7.2 Organizational Measures
- β’ Data Protection Officer (DPO): We have appointed a DPO to oversee our data protection compliance
- β’ Employee Training: Regular data protection and security awareness training for all staff
- β’ Confidentiality Agreements: All staff and contractors sign confidentiality agreements
- β’ Incident Response: Comprehensive incident response plan for data breaches
- β’ Third-Party Audits: Regular security audits and penetration testing
β οΈ Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- β’ Notify the NDPC within 72 hours of becoming aware of the breach
- β’ Notify you directly if the breach is likely to result in a high risk to your rights
- β’ Take immediate steps to contain and remediate the breach
- β’ Conduct a thorough investigation and document all findings
8. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements.
π Retention Periods
User Account Data
Profile, preferences, credentials
Transaction Records
All trading and exchange activity
KYC Documents
ID verification, proof of address
Communication Records
Support tickets, messages
Log & Analytics Data
Access logs, usage analytics
8.1 Data Disposal
When data reaches the end of its retention period, we ensure secure deletion through:
- Cryptographic erasure: Secure deletion of encrypted data by destroying encryption keys
- Overwriting: Multiple-pass overwriting for physical media
- Secure deletion: Industry-standard secure deletion protocols
- Certificate of destruction: Documentation of disposal where required
9. Your Rights as a Data Subject
Under the NDPR, you have the following rights regarding your personal data:
π Right to Access
You have the right to obtain confirmation that we are processing your personal data and to request a copy of your personal data.
βοΈ Right to Rectification
You have the right to have inaccurate personal data corrected without undue delay. You can update most of your information through your account settings.
ποΈ Right to Erasure ("Right to be Forgotten")
You have the right to request deletion of your personal data when:
- β’ Data is no longer necessary for the purposes collected
- β’ You withdraw consent (where processing was based on consent)
- β’ You object to processing (and there are no overriding legitimate interests)
- β’ Data was processed unlawfully
- β’ Legal requirement for deletion
Note: This right is not absolute. We may need to retain data for legal compliance purposes.
βΈοΈ Right to Restriction of Processing
You have the right to request that we restrict processing of your data when:
- β’ You contest the accuracy of the data
- β’ Processing is unlawful but you don't want deletion
- β’ We no longer need the data but you need it for legal claims
- β’ You have objected to processing (pending verification)
π¦ Right to Data Portability
You have the right to receive your personal data in a structured, machine-readable format and to transmit that data to another controller, where:
- β’ Processing is based on consent or contract
- β’ Processing is carried out by automated means
π« Right to Object
You have the right to object to processing of your personal data:
- β’ For direct marketing purposes (at any time, no reason needed)
- β’ For processing based on legitimate interests
- β’ For processing for scientific/historical research or statistics
π Right to Withdraw Consent
Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal does not affect the lawfulness of processing before withdrawal.
9.1 How to Exercise Your Rights
To exercise any of your rights, please contact our Data Protection Officer:
dpo@mintrixtrade.com
+234 800 000 0000
Response Time: We will respond to your request within 1 month. This period may be extended by 2 additional months for complex requests, with notification.
Verification: We may require verification of your identity before processing your request to protect your data.
βοΈ Right to Lodge a Complaint
If you believe our processing of your personal data violates the NDPR, you have the right to lodge a complaint with the Nigeria Data Protection Commission (NDPC):
- Website: https://ndpc.gov.ng
- Email: info@ndpc.gov.ng
- Phone: +234 803 123 4567
11. Third-Party Links & Services
Our Platform may contain links to third-party websites and services. This Privacy Policy applies only to our Platform. We are not responsible for the privacy practices or content of any third-party sites.
π Third-Party Services We Use
We use trusted payment processors to handle bank transfers and card payments. Your payment information is processed according to their privacy policies.
Cryptocurrency transactions occur on public blockchains. Your wallet addresses and transaction amounts are publicly visible on these networks.
Links to WhatsApp, Instagram, Twitter, and other social platforms are provided for convenience.
β οΈ Important Warning
When you leave our Platform and visit third-party websites:
- β’ These sites have their own privacy policies
- β’ We do not accept responsibility or liability for their practices
- β’ Always review the privacy policy of any site you visit
- β’ Be cautious about sharing personal information on third-party sites
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or regulatory obligations.
12.1 How We Will Notify You
- β’ Material Changes: For significant changes, we will notify you via email or in-app notification at least 30 days before the changes take effect.
- β’ Minor Changes: For minor updates (clarifications, formatting, non-material corrections), we will update the "Last Updated" date at the top of this page.
- β’ Continued Use: Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the updated terms.
12.2 Version History
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data protection practices, please contact our Data Protection Officer:
Data Protection Officer
dpo@mintrixtrade.com
Primary contact for all privacy inquiries
+234 800 000 0000
For urgent inquiries during business hours
General Support
info@mintrixtrade.net
For account and service questions
Response Time
We aim to respond to all privacy-related inquiries within 48 business hours.
Formal data subject access requests will be responded to within 1 month as required by NDPR.
Β© 2026 MintrixTrade Limited. All Rights Reserved.
This Privacy Policy is made in compliance with the Nigeria Data Protection Regulation (NDPR) 2022.