Effective Date: Upon First Use of the Application

Company: Novalend Limited

App Name: DashMe

Jurisdiction: Federal Republic of Nigeria

This Privacy Policy describes how Novalend Limited (“the Company”) collects, uses, stores, retains, and protects personal data in connection with the DashMe mobile application and lending services. By installing, accessing, or using DashMe, you acknowledge and accept the practices described herein.

1.Regulatory and Legal Compliance

The Company processes personal data in accordance with applicable laws and regulatory frameworks, including but not limited to:

a.Nigeria Data Protection Act (NDPA) 2023

b.Federal Competition and Consumer Protection Commission (FCCPC) Guidelines

c.Applicable Money Lending Regulations within the Federal Republic of Nigeria

Personal data is processed only for lawful lending, identity verification, fraud prevention, risk assessment, and customer support purposes.

2.Categories of Data We Collect

The Company collects personal data necessary for service delivery and compliance.

2.1.Identity Verification Data

a.Full Name

b.Phone Number

c.Gender

d.Date of Birth

e.NIN (National Identification Number)

f.BVN（Bank Verification Number )

g.Facial biometric data for identity confirmation (processed solely for verification purposes; self-developed backend algorithm)

h.Bank Account Information (for disbursement and repayment)

2.2.Contact Information

Up to three (3) emergency contacts, including: Name, Relationship, and Phone Number.Emergency contacts are only used if we are unable to reach you for repayment communication.

2.3.Device and Application Data

a.Device Model and Operating System

b.Device Identifier (e.g., Android Device ID)

c.Network Type and IP Address

d.Application usage statistics necessary for fraud prevention and service monitoring

The Company does not access or collect: your contact list, call logs, SMS messages, media files, or Precise location data.

2.4.Camera, Microphone, and Biometric Data

a.Camera and microphone access is required only when performing identity verification and live presence detection.

b.Biometric data (face recognition) is processed exclusively on the Company’s secure servers and is not shared with third parties.

c.These permissions are requested only at the time of user-initiated identity verification.

2.5.Permissions Notice

Camera – Required only during identity verification to capture live facial images. Not used in the background. Microphone – Required only for liveness detection to confirm that the user is present. Not used for recording calls or background audio.

We do not record, store, analyze, or transmit any voice or audio content. Microphone access is used solely to detect live presence during identity verification.

Biometric / Face Recognition – Used solely to verify identity. Biometric data is processed securely and never shared or stored beyond verification.

Users may decline these permissions; however, identity verification and loan processing may not be completed without them.

3.Lawful Purpose of Data Processing

Personal data is collected and processed strictly for the following purposes:

a.Assessing loan eligibility and risk profile

b.Confirming identity and preventing fraudulent activity

c.Disbursing and receiving loan repayments

d.Customer service communication

e.Sending reminders through SMS, calls, and in-app notifications

f.Performing identity verification via self-developed biometric algorithms

Personal data is not used for advertising, profiling beyond credit assessment, or unrelated commercial purposes.

3.1.Data Sharing and Disclosure

The Company does not sell, lease, or trade personal information.

Data may only be shared under the following conditions:

a.Payment Processing Providers – for loan disbursement and repayment processing.

b.Regulatory Authorities – when disclosure is required to comply with lawful requests, court orders, audits, or government investigations.

c.Emergency Contact Communication – strictly when the borrower cannot be reached regarding repayment obligations.

No other disclosure or distribution of data will occur.

3.2.Data Storage and Retention

Personal data is retained only for as long as necessary to:

a.Complete lending and repayment activities

b.Comply with financial, regulatory, and audit obligations

Once retention requirements expire, data is securely deleted or irreversibly anonymized.

3.3.Data Protection and Security

The Company implements administrative, technical, and organizational safeguards including, but not limited to:

a.Encrypted transmission via HTTPS

b.Controlled and logged access to personal data

c.Secure processing of biometric verification

While no system can guarantee absolute protection, the Company adopts reasonable and industry-aligned security measures to minimize risk.

The data is stored and processed on secure cloud infrastructure within the African region.

Where cross-border processing is required for fraud prevention, identity verification, or regulatory compliance, such transfers are performed in accordance with the Nigeria Data Protection Act (NDPA) 2023 and applicable security safeguards.

4.Collections and Communication Practices

The Company may contact you regarding repayment through:

a.In-app notifications

b.SMS messaging

c.Phone calls

Emergency contacts will only be informed that we are attempting to reach you. We will not disclose loan details, repayment status, or request payment from emergency contacts.

The Company strictly prohibits:

a.Harassment or coercive communication

b.Threats, defamation, or intimidation

c.Public disclosure of debt status

d.Contacting individuals not listed by the User as emergency contacts

5.User Rights

Subject to compliance requirements, you may:

a.Request access to your personal data

b.Request correction of inaccurate information

c.Request deletion of data after all outstanding loan obligations are fulfilled

Such requests may be submitted through the contact information below.

6.Amendments to This Policy

The Company may update this Privacy Policy to reflect operational or regulatory changes. Continued use of DashMe constitutes acceptance of the updated Policy.

7.Contact Information

Novalend Limited

Phone: +234 7038852454

Email:Support@novalendapp.com

Website:https://novalendapp.com/

Address:NO 30, BALOGUN KUKU STREET, LUCKY FIBRE IKORODU, LAGOS, LAGOS STATE, NIGERIA

By using DashMe, you confirm that you have read, understood, and accepted this Privacy Policy.