Privacy Policy

1. Information We Collect

We collect information you provide directly to us, such as when you create an account, use our services, or contact us for support.

Personal Information

• Name, email address, and phone number
• Address and country of residence
• Identity verification documents (for KYC compliance)
• Bank account details (for withdrawals)

Usage Information

• Transaction history and service usage
• Device information and IP address
• App usage patterns and preferences
• Communication records with our support team

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services:

• Service Delivery: Process transactions, manage your account, and provide customer support
• Security: Verify your identity, prevent fraud, and ensure platform security
• Communication: Send important updates, notifications, and promotional materials
• Compliance: Meet legal and regulatory requirements, including KYC and AML
• Improvement: Analyze usage patterns to enhance our services and user experience

3. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following circumstances:

Third-Party Service Providers

To deliver our comprehensive services, we partner with trusted third-party providers who process transactions and verify identities on our behalf. We carefully select these partners and implement strict security measures to protect your data:

• Payment Processing: Flutterwave handles secure payment transactions. Your payment data is encrypted and processed according to PCI-DSS compliance standards.
• Bills Payment Services: VTPass processes utility bill payments (airtime, data, cable TV, electricity). Only necessary transaction details are shared, and all transmissions are encrypted.
• Identity Verification: Dojah KYC services verify your identity documents for regulatory compliance. Your KYC documents are securely transmitted and stored with bank-grade encryption.
• Cloud Infrastructure: We use enterprise-grade cloud storage with end-to-end encryption for data security and redundancy.
• SMS & Email Services: Third-party communication providers send transaction notifications and security alerts.

Security Commitment: All third-party service providers are bound by strict data protection agreements and are required to maintain industry-standard security protocols. We conduct regular security audits and compliance reviews of our partners.

Legal Requirements

We may disclose your information if required by law, regulation, or legal process, or to protect the rights, property, or safety of SkyMove, our users, or others. This includes compliance with Nigerian financial regulations and anti-money laundering (AML) requirements.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction. You will be notified of any such change and your rights regarding your personal information.

4. Data Security

Protecting your information is our top priority. We implement multiple layers of security to safeguard your data both on our platform and when shared with trusted third-party partners:

• Encryption: All sensitive data is encrypted using AES-256 encryption in transit (TLS 1.3) and at rest. Payment information never touches our servers directly.
• Access Controls: Strict role-based access controls limit who can view your information. Multi-factor authentication (MFA) protects administrative access.
• Third-Party Security Standards: All our service providers (Flutterwave, VTPass, Dojah) maintain ISO 27001 certification, PCI-DSS compliance, and undergo regular independent security audits.
• Monitoring: 24/7 continuous monitoring for suspicious activities, unauthorized access attempts, and security threats with automated alerts.
• Regular Audits: Quarterly security audits, annual penetration testing, and compliance reviews by independent cybersecurity firms.
• Secure Infrastructure: Enterprise-grade cloud infrastructure with DDoS protection, automatic backups, and 99.9% uptime guarantee.
• Fraud Detection: Advanced fraud detection algorithms monitor transactions in real-time to prevent unauthorized activities.
• Data Minimization: We only share the minimum necessary information with third parties required to complete your transactions.

Your Responsibility: Please keep your password secure and do not share your account credentials. Enable two-factor authentication in your account settings for additional security.

5. Token System and Service Modifications

IMPORTANT NOTICE - NON-NEGOTIABLE:

• Token Rewards System: SkyMove operates a token-based rewards system where tokens are earned through platform activities and can ONLY be redeemed for discounts on services (airtime, data, electricity, cable TV, marketplace fees). Tokens have NO cash value and CANNOT be withdrawn.
• Feature Removal Rights: SkyMove reserves the absolute right to modify, suspend, discontinue, or remove ANY feature, service, rewards program, or token system at ANY time, with or without notice, at our sole discretion.
• No Guaranteed Availability: No service, feature, or data collection practice is guaranteed to remain unchanged. We may modify our services for regulatory compliance, business needs, or technical requirements.
• Token Data: Token balances, transaction history, and rewards data may be adjusted, reset, or deleted if associated features are discontinued.
• Continuing Use: Your continued use after any changes constitutes acceptance of those changes and our updated data practices.

6. Your Rights and Choices

You have certain rights regarding your personal information:

• Access: Request access to your personal information
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your account and personal data
• Portability: Request a copy of your data in a portable format
• Opt-out: Unsubscribe from marketing communications

To exercise these rights, please contact us at [email protected].

6. Data Retention

We retain your information for as long as necessary to provide our services and comply with legal obligations. Specifically:

• Account information: Retained while your account is active
• Transaction records: Retained for 7 years for regulatory compliance
• KYC documents: Retained for 5 years after account closure
• Communication records: Retained for 3 years

7. International Transfers

Your information may be transferred to and processed in countries other than your country of residence, particularly when using our third-party service providers. We ensure appropriate safeguards are in place to protect your information during such transfers:

• Data transfer agreements with all international service providers
• Compliance with Nigerian Data Protection Regulation (NDPR)
• Standard contractual clauses for international data transfers
• Encryption of all data in transit across borders

Our primary data processing occurs within Nigeria and secure cloud infrastructure in Africa and Europe, ensuring data sovereignty and compliance with local regulations.

8. Children's Privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will take steps to delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. Your continued use of our services after such changes constitutes acceptance of the updated policy.

10. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us: