Privacy Policy

Last updated: February 20, 2026

Our Privacy Principles

We're committed to protecting your privacy and data

Data Encryption

All data is encrypted in transit and at rest using industry-standard encryption protocols.

Transparency

We're transparent about what data we collect and how we use it.

User Control

You have full control over your data and can access, modify, or delete it at any time.

Data Minimization

We only collect the data necessary to provide our services.

1. Introduction

Staff Pay ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our payroll management platform and services.

By using Staff Pay, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Information We Collect

2.1 Personal Information

We collect information that you provide directly to us, including:

  • Name, email address, phone number, and contact information
  • Business information and registration details
  • Bank account and payment information
  • Beneficiary information (names, salaries, bank details)
  • Transaction history and payment records

2.2 Identity Verification (KYC) and Compliance

To comply with Nigerian law, the Central Bank of Nigeria (CBN) regulations, and anti-money laundering (AML) and counter-terrorism financing (CFT) requirements, we may collect and verify:

  • Government-issued identification (e.g., National ID, voter card, international passport)
  • Bank Verification Number (BVN) or other identity verification data where required
  • Business registration documents, CAC certificates, and beneficial ownership information
  • Proof of address and source of funds documentation

KYC and compliance data is collected for legal obligation, fraud prevention, and security. We may share this information with regulators, law enforcement, or our licensed payment partners as required by law.

2.3 Automatically Collected Information

When you use our services, we automatically collect:

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, features used, time spent)
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our payroll services
  • Process payments and transactions
  • Conduct identity verification (KYC) and comply with CBN, AML/CFT, and other regulatory requirements
  • Send you service-related communications
  • Respond to your inquiries and provide customer support
  • Detect, prevent, and address technical issues, fraud, and money laundering
  • Comply with legal obligations and enforce our terms
  • Analyze usage patterns to improve user experience

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in operating our platform (e.g., payment processors, KYC/identity verification providers, cloud hosting)
  • Regulators and Law Enforcement: With the Central Bank of Nigeria (CBN), Nigeria Financial Intelligence Unit (NFIU), law enforcement, or other authorities when required by law or to prevent fraud, money laundering, or terrorism financing
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share your information

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • 256-bit SSL encryption for data in transit
  • Encryption at rest for stored data
  • Regular security audits and vulnerability assessments
  • Access controls and authentication mechanisms
  • Secure data centers with physical security measures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security.

6. Your Rights

Under the Nigeria Data Protection Act 2023 (NDPA) and applicable regulations, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your personal data
  • Restriction: Request limitation of processing
  • Portability: Receive your data in a structured format
  • Objection: Object to processing of your data

To exercise these rights, please contact us at hello.staffpay@gmail.com.

7. Data Retention

We retain your personal information for as long as necessary to provide our services and fulfill the purposes outlined in this policy, unless a longer retention period is required by law.

Account closure: When you close your account (via Deactivate or Permanently Delete in Settings), we will delete or anonymize your personal information within 30 days. You may permanently delete your account and all associated data at any time from Dashboard → Settings → Permanently Delete Account.

System data: Application logs and notifications are retained for 3 months, then automatically deleted. Cookie and consent preferences are logged for compliance and retained as required by law.

KYC and compliance data: Identity verification records and AML/CFT documentation are retained as required by CBN regulations and Nigerian law (typically up to at least 5 years after the end of the business relationship).

Where Nigerian law, tax regulations, or financial regulations require longer retention, we retain data in accordance with those requirements.

8. Cookies and Tracking

We use cookies and similar tracking technologies to enhance your experience, analyze usage, and assist with marketing efforts. You can control cookie preferences through your browser settings.

For more information, please see our .

9. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

We encourage you to review this policy periodically to stay informed about how we protect your information.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Staff Pay Privacy Team

Email: hello.staffpay@gmail.com

Phone: +234 813 878 1051

Address: Lagos, Nigeria