Legal

Privacy Policy

We are committed to protecting your personal data and being transparent about how we use it.

Document status

Current policy

Last updated: 1 May 2026

1. Introduction

This Privacy Policy explains how Ashiri Technologies Ltd (“Ashiri”, “we”, “us”, or “our”) collects, uses, stores, and protects personal data when you use our platform at ashiri.ng and related services (the “Platform”).

We operate under the Nigeria Data Protection Regulation (NDPR) 2019, the Nigeria Data Protection Act (NDPA) 2023, and other applicable Nigerian laws. By using the Platform, you acknowledge that you have read and understood this Policy.

2. Who We Are

Ashiri Technologies Ltd is the data controller for personal information processed through the Platform. We are incorporated and registered with the Corporate Affairs Commission (CAC) of Nigeria.

Registered address: Chevron Drive Block D9, Flat 10, Lekki Paradise Estate 3, Lekki, Eti-Osa, Lagos, Nigeria.
Contact email: [email protected]

3. Information We Collect

3.1 Information You Provide Directly

  • Registration data: Full name, email address, phone number, market or area of operation, and state.
  • Group / business data: Thrift group name, estimated number of contributors, plan selection.
  • Contributor data (added by Coordinators): Names, phone numbers, and savings records of contributors within a group.
  • Communications: Messages sent via contact forms or WhatsApp support.

3.2 Financial Data

  • Daily savings deposit records (amounts, dates, timestamps).
  • Payment history for platform subscription fees.
  • Transaction receipts generated for contributors.

3.3 Automatically Collected Data

  • IP address, browser type, device type, and operating system.
  • Pages visited, time spent, referral source, and interaction patterns.
  • Cookies and similar tracking technologies (see Section 12 and our Cookie Policy).

4. How We Use Your Information

We use your personal data for the following purposes:

  • Service delivery: To create and manage your account, process savings records, generate receipts, and provide platform features.
  • Notifications: To send transaction receipts, platform updates, and service communications via WhatsApp and email.
  • Credit history: To build verifiable savings records that contributors may use to access financial services.
  • Platform improvement: To analyse usage patterns, diagnose technical issues, and improve our services.
  • Legal compliance: To comply with applicable Nigerian laws, regulations, and lawful requests from competent authorities.
  • Security: To detect, prevent, and investigate fraud, abuse, or security incidents.
  • Marketing (with consent): To send updates about new features or offers where you have opted in.

5. Legal Basis for Processing

Under the NDPR and NDPA, we process your personal data on the following lawful bases:

  • Contract performance: Processing necessary to provide the services you have signed up for.
  • Legal obligation: Processing required to comply with applicable laws and regulations.
  • Legitimate interests: Processing for fraud prevention, platform security, and analytics that do not override your rights.
  • Consent: For optional analytics cookies, marketing communications, or sharing data with financial partners for credit services.

6. Sharing Your Information

We do not sell your personal data. We may share it in the following limited circumstances:

  • Service providers: Cloud infrastructure providers (e.g. AWS, Microsoft Azure), analytics services, and communication platforms that process data on our behalf under binding data processing agreements.
  • Financial partners (with your consent): Banks, microfinance institutions, or credit bureaus to facilitate loan access or credit scoring for contributors who opt in.
  • Coordinators: Savings records and activity data for contributors are accessible to the coordinator managing that group, as part of the core platform service.
  • Regulators and law enforcement: Where required by law, court order, or lawful request from the Corporate Affairs Commission (CAC), the Nigeria Data Protection Commission (NDPC), or other competent Nigerian authorities.
  • Business transfers: In the event of a merger, acquisition, or sale of Ashiri, personal data may be transferred as part of that transaction. We will notify you before your data is subject to a different privacy policy.

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes set out in this Policy, subject to the following:

  • Active accounts: Data is retained for the duration of your relationship with Ashiri, plus a minimum of 7 years for financial records, in line with Nigerian financial regulations.
  • Inactive accounts: If your account has been inactive for 3 years with no savings activity, we will notify you before deleting non-essential data.
  • Legal hold: Data may be retained longer where required by law or ongoing legal proceedings.

8. Your Rights

Under the NDPR and NDPA, you have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you.
  • Right to rectification: Request correction of inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data where it is no longer necessary for the purpose collected. Note: financial records may be retained as required by law.
  • Right to data portability: Receive your data in a structured, commonly used, machine-readable format.
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes.
  • Right to withdraw consent: Where processing is based on consent, withdraw it at any time without affecting prior processing.
  • Right to lodge a complaint: Lodge a complaint with the Nigeria Data Protection Commission (NDPC) at ndpc.gov.ng.

To exercise any of these rights, email [email protected] with the subject line “Data Rights Request”. We will respond within 30 days.

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure. These include:

  • PCI DSS Level 4 compliance — we meet Payment Card Industry Data Security Standards for handling payment-related data.
  • End-to-end encryption for data in transit (TLS/HTTPS).
  • Encryption of sensitive data at rest.
  • Role-based access controls limiting data access to authorised personnel only.
  • Regular security assessments and vulnerability testing.

While we take all reasonable precautions, no online service is completely secure. If you suspect a data breach, contact us immediately at [email protected].

10. Children’s Privacy

The Platform is not intended for individuals under the age of 18. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal data, please contact us immediately and we will delete it.

11. Third-Party Links

The Platform may contain links to third-party websites (e.g. app stores, partner sites). This Privacy Policy does not apply to those sites. We encourage you to review the privacy policies of any third-party services you access.

12. Cookies

We use cookies and similar technologies to operate the Platform and, where you consent, to analyse usage. Our full Cookie Policy explains the types of cookies we use, why we use them, and how you can manage your preferences.

You can manage your cookie consent at any time by clearing your browser’s local storage or by refreshing your consent via the banner that appears on your first visit.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date and, where appropriate, notify you by email or in-app notice. Continued use of the Platform after changes constitutes acceptance of the updated Policy.

14. Contact Us

For any privacy-related questions, requests, or complaints, contact us at: